System Administration Training Available!

LISA ’06 offers the most in-depth, real-world system administration training available!

A Blueprint for Real World System Administration 20TH LARGE INSTALLATION SYSTEM ADMINISTRATION CONFERENCE DECEMBER 3–8, 2006 | WASHINGTON, D.C.

Saturday, December 2 5:00 p.m.–8:00 p.m. On-Site Registration 6:00 p.m.–7:00 p.m. Welcome Get-Together 7:00 p.m.–8:00 p.m. Conference Orientation Sunday, December 3 7:30 a.m.–5:00 p.m. On-Site Registration 9:00 a.m.–5:00 p.m. Training Program Building a 9:00 a.m.–5:00 p.m. Workshops 12:30 p.m.–1:30 p.m. Luncheon for Training Sysadmin & Workshop Attendees Monday, December 4 7:30 a.m.–5:00 p.m. On-Site Registration Community 9:00 a.m.–5:00 p.m. Training Program 9:00 a.m.–5:00 p.m. Workshops 12:30 p.m.–1:30 p.m. Luncheon for Training & Workshop Attendees WHY ATTEND LISA ’06? 7:00 p.m.–11:00 p.m. Birds-of-a-Feather Sessions “There is always one thing that I learn that makes me want to shout, ‘That just paid for the entire conference!’ Also, there Tuesday, December 5 have been many times when I learned about a new sysadmin 7:30 a.m.–5:00 p.m. On-Site Registration tool at LISA years before it was popular: that’s really helped me 9:00 a.m.–5:00 p.m. Training Program stay ahead of the pack.” 9:00 a.m.–5:00 p.m. Workshops —Tom Limoncelli, Google 12:30 p.m.–1:30 p.m. Luncheon for Training & Workshop Attendees 7:00 p.m.–11:00 p.m. Birds-of-a-Feather Register today at www.usenix.org/lisa2006 Sessions Wednesday, December 6 7:30 a.m.–5:00 p.m. On-Site Registration 8:45 a.m.–10:30 a.m. Opening Remarks, Awards, and Keynote 9:00 a.m.–5:00 p.m. Training Program CONTENTS 11:00 a.m.–5:30 p.m. Technical Program Noon–7:00 p.m. Vendor Exhibition Register by 1 Invitation from the Program Chair 12:30 p.m.–1:30 p.m. Luncheon for Training “ ” Attendees November 10, 2006, 1 Conference Organizers 5:30 p.m.–6:30 p.m. Exhibition Reception and 2–3 Training at a Glance 7:00 p.m.–11:00 p.m. Birds-of-a-Feather Sessions 4–12 Training Program Thursday, December 7 Save! 6 A Note for Managers 7:30 a.m.–5:00 p.m. On-Site Registration Hotel Discount Deadline: 9:00 a.m.–5:00 p.m. Training Program 8 Continuing Education Units (CEUs) November 10, 2006 9:00 a.m.–5:30 p.m. Technical Program 13–17 Training Instructors 10:00 a.m.–2:00 p.m. Vendor Exhibition 12:30 p.m.–1:30 p.m. Luncheon for Training 18 Keynote Address Attendees 18–23 Technical Sessions 6:00 p.m.–8:00 p.m. Conference Reception 8:00 p.m.–11:00 p.m. Birds-of-a-Feather 24 Workshops Sessions Early 25 Vendor Exhibition Friday, December 8 8:00 a.m.–noon On-Site Registration Bird 26 About USENIX & SAGE 9:00 a.m.–5:00 p.m. Training Program Discount 26 Supporting Members & Sponsors 9:00 a.m.–5:30 p.m. Technical Program www.usenix.org/lisa2006 27 Conference Activities & Services 12:30 p.m.–1:30 p.m. Luncheon for Training Attendees 27 Student Discounts & Grants 2:00 p.m.–3:30 p.m. Work-in-Progress Reports 28 Hotel & Travel Information 4:00 p.m.–5:30 p.m. Closing Session: 29 Registration Information & Fees Improv for Sysadmins* JOIN US!

Dear Colleague, LISA ‘06 Organizers On behalf of all of the LISA ’06 organizers, I’d like to invite you to join us in Washington, D.C., for the 20th Large Installation System Program Chair Administration Conference. William LeFebvre, Independent For the past 19 years LISA has been the focal point for the global Consultant community of system and network administrators. This year LISA continues that tradition, featuring innovative tools and techniques Program Committee essential for your professional and technical development. Narayan Desai, Argonne National Take advantage of the 6 days of training. Select from over 50 tutorials taught by highly Laboratory expert instructors, including: Peter Galvin, Corporate Technologies, • Gerald Carter on Ethereal and the Art of Debugging Networks Inc. • Richard Bejtlich on TCP/IP Weapons Trey Harris, Amazon.com • Æleen Frisch on Administering Linux in Production Environments John “Rowan” Littell, California • Chip Salzenberg on Higher-Order Perl College of the Arts In addition to the training, 3 days of technical sessions include top-notch refereed papers, Adam Moskowitz, Upromise, Inc. informative invited talks, expert Guru Is In sessions, and the popular Hit the Ground Run- ning track. Mario Obejas, Raytheon Our 20+ invited talks feature our most impressive slate of speakers to date, including: Tom Perrine, Sony Computer Entertainment America • Keynote: “Hollywood’s Secret War on Your NOC,” by Cory Doctorow, co-editor of Boing Boing and former Director of European Affairs for the EFF W. Curtis Preston, GlassHouse Technologies • “Open Source Software and Its Role in Space Exploration,” by DJ Byrne, Jet Propul- sion Laboratory Amy Rich, Tufts University • “Teaching Problem Solving: You Can and You Should,” by Elizabeth Zwicky, Acuitus Marc Staveley, SOMA Networks, Inc. • “Corporate Security: A Hacker Perspective,” by Mark “Simple Nomad” Loveless, Rudi Van Drunen, Leiden Cytology Vernier Networks, Inc. and Pathology Labs • “Black Ops 2006: Pattern Recognition,” by Dan Kaminsky, DoxPara Research Alexios Zavras, IT Consultant • “High Availability: From Luxury to Commonplace Necessity in 10 Years,” by Eric Hennessey, Symantec Corp. Invited Talk Committee LISA is the premier forum for presenting new research in system administration. We David N. Blank-Edelman, selected papers from over 40 submissions, showcasing state-of-the-art work on topics Northeastern University CCIS including system and network management, theory, visualization, security, electronic mail, and more. Doug Hughes, Global Crossing Get a head start on key technologies with 15-minute talks in the Hit the Ground Running Guru Is In Coordinator track. Find out about the basic concepts, what acronyms you will encounter, and what Web sites and books are the best resources. Topics include Mac OS X, bcfg2, Puppet, Philip Kizer, Estacado Systems Building a Linux RAC Cluster, and more. Workshops Coordinator Bring your perplexing technical questions to the experts at LISA’s Guru Is In sessions. Luke Kanies, Reductive Labs Explore the latest commercial innovations at the Vendor Exhibition. Beneﬁt from new opportunities for peer interaction around the topics that mean the most Work-in-Progress Session to you. Coordinator Early registration discounts for LISA ’06, taking place December 3–8, 2006, in Washing- Esther Filderman, Pittsburgh ton, D.C., are now available. Register by Friday, November 10, and save up to $300! Supercomputing Center We‘re pleased to bring LISA to Washington, D.C., and look forward to seeing you there. The USENIX Association Staff William LeFebvre LISA ’06 Program Chair

* REGISTER BY NOVEMBER 10 AND SAVE! • 1 TRAINING AT A GLANCE

SUNDAY, DECEMBER 3 MONDAY, DECEMBER 4 (CONTINUED)

FULL DAY: 9:00 A.M.–5:00 P.M. FULL DAY: 9:00 A.M.–5:00 P.M. (CONTINUED)

S1 Peter Baer Galvin NEW! Solaris 10 Administration M4 Esther Filderman An Introduction to OpenAFS and Its Workshop and Alf Wachsmann Administration S2 Richard Bejtlich NEW! TCP/IP Weapons School M5 Matt Larson Advanced Topics in DNS Administra- (Day 1 of 2) tion S3 John Sellens System and Network Monitoring: HALF DAY MORNING: 9:00 A.M.–12:30 P.M. Tools in Depth M6 David Rhoades The Latest Hacking Tools and S4 Æleen Frisch Administering Linux in Production Defenses Environments M7 Daniel L. Appelman NEW! Blogs and Spam: Legal S5 Rik Farrow NEW! Linux Server Security Issues for the System Administrator Hands-On M8 Æleen Frisch NEW! Beyond Shell Scripts: S6 Tom Christiansen Advanced Perl Programming 21st-Century Automation Tools and Techniques HALF DAY MORNING: 9:00 A.M.–12:30 P.M. M9 Gerald Carter Ethereal and the Art of Debugging S7 William LeFebvre Introduction to Domain Name System Networks Administration S8 Theodore Ts’o NEW! Bzr, Hg, and Git, Oh My! HALF DAY AFTERNOON: 1:30 P.M.–5:00 P.M. Distributed Source Code Management M10 Systems Mike Ciavarella Documentation Techniques for Sysadmins S9 Gerald Carter NEW! So You Have Active Directory: M11 Adam Moskowitz NEW! How to Interview a System Now What? (A Guide to AD Integration Administrator for UNIX Sysadmins) M12 John Sellens Databases: What You Need to Know HALF DAY AFTERNOON: 1:30 P.M.–5:00 P.M. M13 Strata Rose Chalup Project Troubleshooting S10 William LeFebvre Intermediate Topics in Domain Name System Administration TUESDAY, DECEMBER 5 S11 Michael Lucas NEW! Netﬂow on the Cheap FULL DAY: 9:00 A.M.–5:00 P.M. S12 Gerald Carter Kerberos 5: Revenge of the Three- Headed Dog T1 James Mauro and Solaris 10 Performance, Observability, Richard McDougall and Debugging MONDAY, DECEMBER 4 T2 Abe Singer Building a Logging Infrastructure and Log Analysis for Security FULL DAY: 9:00 A.M.–5:00 P.M. T3 Mike Ciavarella Seven Habits of the Highly Effective M1 Marc Staveley System and Network Performance and Lee Damon System Administrator: Hints, Tricks, Tuning Techniques, & Tools of the Trade T4 Gerald Carter Managing Samba 3.0 M2 Richard Bejtlich NEW! TCP/IP Weapons School (Day 2 of 2) T5 John Gannon Introduction to VMware ESX Server M3 Lee Damon Issues in UNIX Infrastructure Design and John Arrasjid

2 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 Early Bird Register by November 10, 2006, and SAVE! Discount www.usenix.org/lisa2006

TUESDAY, DECEMBER 5 (CONTINUED) THURSDAY, DECEMBER 7 *HALF DAY MORNING: 9:00 A.M.–12:30 P.M. FULL DAY: 9:00 A.M.–5:00 P.M. T6 Murray Kucherawy NEW! Hitchhiker’s Guide to Email R1 Peter Baer Galvin Solaris 10 Security Features Sender Authentication and Marc Staveley Workshop T7 Jacob Farmer Disk-to-Disk Backup and Eliminating R2 Joshua Jensen Linux Systems Administration Backup System Bottlenecks HALF DAY MORNING: 9:00 A.M.–12:30 P.M. T8 David N. Over the Edge System Administration, Blank-Edelman Vol. 1 R3 Tom Limoncelli Time Management: Getting It All Done and Not Going (More) Crazy! T9 Rik Farrow NEW! Firewalls and Internet Security for Mac OS X R4 Strata Rose Chalup Practical Project Management for Sysadmins and IT Professionals HALF DAY AFTERNOON: 1:30 P.M.–5:00 P.M. R5 Chip Salzenberg Regular Expression Mastery

T10 Murray Kucherawy NEW! Writing Filters Using “milter” HALF DAY AFTERNOON: 1:30 P.M.–5:00 P.M.

T11 Jacob Farmer Next Generation Storage Networking R6 Evan Marcus Blueprints for High Availability T12 David N. NEW! Over the Edge System R7 Gerald Carter NEW! Hot Swap File/Print Services Blank-Edelman Administration, Vol. 2 from Windows to Samba T13 Rudi van Drunen NEW! Enterprise Wireless Network R8 Chip Salzenberg NEW! Higher-Order Perl Setup FRIDAY, DECEMBER 8 WEDNESDAY, DECEMBER 6 FULL DAY: 9:00 A.M.–5:00 P.M. FULL DAY: 9:00 A.M.–5:00 P.M. F1 Richard Bejtlich Network Security Monitoring with W1 Jeff Victor NEW! Resource Management with Open Source Tools Solaris Containers F2 Don Bailey NEW! Wi-Fi, WiMAX, RFID, UWB, W2 Gerald Carter Implementing [Open]LDAP Directories Zigbee, Bluetooth, et al. for Dummies . . . and You HALF DAY MORNING: 9:00 A.M.–12:30 P.M. HALF DAY MORNING: 9:00 A.M.–12:30 P.M.

W3 Mike Ciavarella Advanced Shell Programming F3 Evan Marcus Disaster Planning (and Recovery): How to Keep Your Company (and W4 Ed DeHart NEW! Internet Security for UNIX Your Job) Alive System Administrators F4 Michael Cucchi NEW! Wide Area Storage Network- W5 David N. NEW! Hackingn Perl ing: Server Consolidation and Data Blank-Edelman Protection Over the WAN F5 HALF DAY AFTERNOON: 1:30 P.M.–5:00 P.M. Chip Salzenberg Perl Program Repair Shop and Red Flags

W6 Abe Singer Security Without Firewalls W7 Ed DeHart NEW! Setting Up a Data Center (or Data Closet) W8 Strata Rose Chalup NEW! Problem-Solving for IT Professionals

FULL DAY 9:00 A.M.–5:00 P.M.

S1 SOLARIS 10 ADMINISTRATION S3 SYSTEM AND NETWORK MONITOR- S5 LINUX SERVER SECURITY HANDS-ON WORKSHOP NEW! ING: TOOLS IN DEPTH NEW! Peter Baer Galvin, Corporate Technolo- John Sellens, SYONEX Rik Farrow, Security Consultant gies, Inc. Who should attend: Network and sys- Who should attend: Both Linux and Who should attend: Solaris system tem administrators ready to implement UNIX system administrators. Some expe- managers and administrators interested in comprehensive monitoring of their sys- rience with command-line UNIX tools is learning the new administration features tems and networks using the best freely required to get the most out of this class. in Solaris 10 (and features in previous available tools. Participants should have Security analysts and managers can also Solaris releases that they may not be an understanding of the fundamentals of take this class and learn what must be using). networking, familiarity with computing and done to create secure Linux systems. Topics include: network components, UNIX system Topics include: • Overview administration experience, and some • Checking for low-hanging fruit that can • Solaris releases understanding of UNIX programming and aid an attacker, such as bad file permis- • Installing and upgrading to Solaris 10 scripting languages. sions, dangerous SUID files, and back- • Patching Topics include, for each of Nagios, doors • Service Management Facility (lab) Cricket, MRTG, and Orca: • Defending servers against network- based attacks via proper service configu- • The kernel • Installation ration • Crash and core dumps • Configuration, setup options, and how • Using local firewalls to both block poten- • Cool commands to manage larger and nontrivial configu- tial attacks and blunt successful attacks • ZFS (lab) rations • Running servers within a chrooted envi- • N1 Grid Containers (a.k.a. Zones) (lab) • Reporting and notifications, both proac- ronment • Dtrace tive and reactive • Using secure remote administration • FMA • Special cases • Running Apache securely through proper • Performance • Extending the tools configuration and through checking CGI • Networking • Dealing effectively with network bound- scripts or programs for exploitable fea- • Sysadmin best practices aries and remote sites tures • Security concerns and access control • Keeping your servers properly updated S2 TCP/IP WEAPONS SCHOOL (Day 1 of 2) • Ongoing operations and vulnerability-free NEW! • Setting up effective logging Richard Bejtlich, TaoSecurity S4 ADMINISTERING LINUX IN PRODUCTION ENVIRONMENTS S6 ADVANCED PERL PROGRAMMING Who should attend: Junior and interme- Æleen Frisch, Exponential Consulting Tom Christiansen, Consultant diate analysts and system administrators who detect and respond to security inci- Who should attend: Linux sysadmins Who should attend: Perl programmers dents. looking to learn about the latest develop- with at least a journeyman-level working ments and problem-solving techniques; knowledge of Perl programming and a Course plan: The class will concentrate administrators from sites considering con- desire to hone their skills. on the protocols and services most likely verting to Linux or adding Linux systems to be encountered when performing sys- Topics include: to their current resources. tem administration and security work. • Symbol tables and typeglobs Students will inspect traffic such as would Topics include: • Modules be seen in various malicious security • Recent kernel developments • References events. • High-performance I/O • Fancy object-oriented programming • Advanced compute-server environments • Managing exceptions and warnings Topics for Day 1 include: • High availability Linux: fault-tolerance • Regular expressions • Hardware and network design options • Programming with multiple processes or • Layer 1 • Enterprise-wide authentication and other threads • Layer 1 attack: Rogue access point security features • Unicode and I/O layers • Layer 2 • Automating installations and other mass operations • Linux performance tuning

4 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 See www.usenix.org/lisa06/training for complete training program info.

HALF DAY MORNING: 9:00 A.M.–12:30 P.M. AFTERNOON: 1:30 P.M.–5:00 P.M.

S7 INTRODUCTION TO DOMAIN NAME S9 SO YOU HAVE ACTIVE DIRECTORY: S11 NETFLOW ON THE CHEAP NEW! (AM) SYSTEM ADMINISTRATION (AM) NOW WHAT? (A GUIDE TO AD INTE- (PM) Michael W. Lucas, Consultant GRATION FOR UNIX SYSADMINS) William LeFebvre, Consultant Who should attend: Anyone who wants Who should attend: System or network NEW! to learn to easily architect a NetFlow sys- administrators who have been exposed to Gerald Carter, Centeris tem to solve technical problems and the Domain Name System only as users. Who should attend: System administra- resolve administrative and social prob- A basic understanding of the IP protocols, tors who are tasked with integrating lems. TCP and UDP, data encapsulation, and authentication, Web, and file/print servic- NetFlow is an extremely powerful network the seven-layer model will be beneficial. es provided by UNIX hosts into an Active management tool with a reputation for Topics include: Directory domain. being obtuse and expensive. I will present • DNS and BIND Topics include: a coherent, start-to-finish solution that will • The DNS name hierarchy • AD domain membership using Samba work in any vaguely modern environment • The four components of the DNS proto- • NTLM and Kerberos authentication for and can be assembled out of a few gigs col Apache of disk, some cards and cables, a free • Iterative vs. recursive querying • Using PAM for NTLM and Kerberos UNIX, and freely available software, while • Essential resource records: SOA, A, PTR, authentication also leveraging any Cisco hardware the CNAME, NS • Searching Active Directory using LDAP students have. • Zone transfers and secondaries clients • Vendor-specific differences S12 KERBEROS 5: REVENGE OF THE S10 INTERMEDIATE TOPICS IN DOMAIN (PM) THREE-HEADED DOG S8 BZR, HG, AND GIT, OH MY! (PM) NAME SYSTEM ADMINISTRATION Gerald Carter, Centeris (AM) DISTRIBUTED SOURCE CODE William LeFebvre, Consultant Who should attend: Administrators who MANAGEMENT SYSTEMS NEW! Who should attend: Network adminis- want to understand Kerberos 5 imple- Theodore Ts’o, IBM Linux Technology trators with a basic understanding of DNS mentations on both UNIX/Linux and Win- Center and its configuration who need to learn dows clients and servers. Who should attend: Developers, project how to create and delegate subdomains, leaders, and system administrators deal- and administrators planning to install Topics include: ing with source code management sys- BIND8. Attendees are expected either to • Key concepts of the Kerberos 5 protocol tems who want to take advantage of the have prior experience with DNS, including • Related authentication interfaces such as newest distributed development tools. an understanding of basic operation and SASL and GSSAPI zone transfers, or to have attended the • The specifics of implementing Krb5 Are you still using CVS or SVN? Find out “Introduction to Domain Name System realms what you’ve been missing! This tutorial Administration” tutorial. • Implementations of Krb5 cross-realm will describe the basic concepts of dis- trusts tributed SCMs and provide gentle instruc- Topics include: • Integration of Windows and UNIX/Linux tions on how these systems work and • Subdomains and delegation clients into Krb5 realms how to use them. It will also compare and • Resource records: NS, RP, MX, TXT, • Possible pitfalls of using popular Krb5 contrast the strengths and weaknesses of AAAA implementations such as those of MIT these systems and will provide guidance • BIND views and Windows 200x and suggestions so that project leaders • DNS management tools can choose the distributed SCM that is • DNS design most appropriate for their project. • DNS and firewalls

Our Guarantee If you’re not happy, we’re not happy. If you feel a tutorial does not meet the high standards you have come to expect from USENIX, let us know by the ﬁrst break and we will change you to any other available tutorial immediately.

FULL DAY 9:00 A.M.–5:00 P.M.

M1 SYSTEM AND NETWORK M3 ISSUES IN UNIX INFRASTRUCTURE M4 AN INTRODUCTION TO OPENAFS AND PERFORMANCE TUNING DESIGN ITS ADMINISTRATION Marc Staveley, Soma Networks Lee Damon, University of Washington Esther Filderman, Pittsburgh Supercom- Who should attend: Novice and Who should attend: Anyone who is puting Center, and Alf Wachsmann, Stan- advanced UNIX system and network designing, implementing, or maintaining a ford Linear Accelerator Center administrators, and UNIX developers con- UNIX environment with 2 to 20,000+ Who should attend: Anyone looking to cerned about network performance hosts. System administrators, architects, learn more about OpenAFS and how to impacts. A basic understanding of UNIX and managers who need to maintain mul- set up and administer an OpenAFS cell. system facilities and network environ- tiple hosts with few admins. Topics include: ments is assumed. Topics include: • Overview of AFS concepts and seman- Topics include: • Administrative domains tics • Performance tuning strategies • Desktop services vs. farming • Setting up and managing the AFS client • Server tuning • Disk layout (even without your own servers) • NFS performance tuning • Free vs. purchased solutions • A working outline of the AFS server • Network performance, design, and • Homogeneous vs. heterogeneous processes and how they play together capacity planning • The essential master database • How to set up a new AFS cell: design decisions, initial setup, planning for the • Application tuning • Policies to make life easier future • Push vs. pull M2 TCP/IP WEAPONS SCHOOL (Day 2 of 2) • Authentication issues: Native KAS vs. • Getting the user back online in 5 minutes Kerberos5 NEW! • Remote administration Richard Bejtlich, TaoSecurity • Backups: How and what to choose to • Scaling and sizing use See S2 for the description of the first day • Security vs. sharing • AFS tools to make everything from main- of this tutorial. • Single sign-on tenance to monitoring easier Who should attend: Junior and interme- • Single system images M5 ADVANCED TOPICS IN DNS diate analysts and system administrators • Tools ADMINISTRATION who detect and respond to security inci- Matt Larson, VeriSign, Inc. dents. Who should attend: DNS administrators Topics for Day 2 include: who wish to extend their understanding of • Layer 2 attacks how to configure and manage name • Layer 3 servers running BIND 9. Attendees should • Layer 3 attacks have some experience of running a name server and be familiar with DNS jargon, Attention Managers: Why You Should Combining full days of training with days of resource records, and the syntax of zone Send Your Employees to LISA ’06 technical sessions on groundbreaking research files and named.conf. related to system and network administration Technology continues to evolve. Truly to stay Topics include: makes the LISA ’06 experience even more ahead of the game, your employees must con- • The BIND 9 logging subsystem valuable. Additionally, the evening receptions tinue to enhance their skills. • Managing the name server with rndc and Birds-of-a-Feather sessions provide your The training program at LISA ’06 offers a cost- • Configuring split DNS: internal and exter- staff with a chance to network with peers and effective, one-stop shop for training current IT nal versions of a domain industry leaders to gain that all-important and development employees. 55+ full- and • Securing the name server “insider” IT knowledge that will keep your com- half-day tutorials taught by the most respected • Security pany current and running smoothly. leaders in the field provide an unparalleled • Dynamic DNS (DDNS) Keeping up with technology can be costly and opportunity to learn from the best. Tutorials • IPv6 time-consuming in this unforgiving economy: cover a multitude of system administration top- take full advantage of this opportunity to have ics, including open source technologies, secu- your staff learn from the top researchers, practi- rity, and configuration management. tioners, and authors all in one place, at one time.

6 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 Please see www.usenix.org/lisa06/training for full tutorial descriptions.

HALF DAY MORNING: 9:00 A.M.–12:30 P.M. AFTERNOON: 1:30 P.M.–5:00 P.M.

M6 THE LATEST HACKING TOOLS AND M9 ETHEREAL AND THE ART OF M12 DATABASES: WHAT YOU NEED TO (AM) DEFENSES (AM) DEBUGGING NETWORKS (PM) KNOW David Rhoades, Maven Security Consult- Gerald Carter, Centeris John Sellens, SYONEX ing, Inc. Who should attend: System and net- Who should attend: System and appli- Who should attend: Anyone who is work administrators who are interested in cation administrators who need to sup- interested in how hackers work these learning more about the TCP/IP protocol port databases and database-backed days, and what system and network and how network traffic monitoring and applications. administrators can do to defend them- analysis can be used as a debugging, Topics include: selves. auditing, and security tool. • An introduction to database concepts Topics may include: Topics include: • The basics of SQL (Structured Query • VoIP security • Introduction to Ethereal for local and Language) • Phishing remote network tracing • Common applications of databases • Reverse engineering • TCP/IP protocol basics • Berkeley DB and its applications • Anti-forensics • Analysis of popular application protocols • MySQL installation, configuration, and • Wi-Fi and Bluetooth such as DNS, DHCP, HTTP, NFS, CIFS, management • Web application attacks and LDAP • PostgreSQL installation, configuration, • Spyware and malware • How some kinds of TCP/IP network and management attacks can be recognized • Network tools • Security, user management, and access controls • Denial of service attacks M10 DOCUMENTATION TECHNIQUES • Ad-hoc queries with standard interfaces (PM) FOR SYSADMINS M7 BLOGS AND SPAM: LEGAL ISSUES (AM) • ODBC and other access methods FOR THE SYSTEM ADMINISTRATOR Mike Ciavarella, University of Melbourne • Database access from other tools (Perl, NEW! Who should attend: System administra- PHP, sqsh, etc.) tors who need to produce documention Daniel L. Appelman, Heller Ehrman LLC M13 PROJECT TROUBLESHOOTING for the systems they manage or who want Who should attend: System administra- (PM) Strata Rose Chalup, Project to improve their documentation skills. tors and others facing these legal and Management Consultant ethical issues. Topics include: Who should attend: Anyone with an • Why system administrators need to doc- Topics include: ument existing project that isn’t going well, and • CAN-SPAM and what it means for the • The document life cycle they’re not sure why, or with a big initia- system administrator • Targeting your audience tive at work that they’d like to turn into a • New FTC rules implementing CAN-SPAM • An adaptable document framework project but can’t seem to get beyond a • Blogging issues for the system adminis- certain point with it; anyone who’s been trator • Common mistakes getting involved with open source soft- • The role of company policies with respect • Tools to assist the documentation ware development, and things have got- to spam and blogging process ten complex now that more folks are on • Recommendations for the sysadmin M11 HOW TO INTERVIEW A SYSTEM board. If you’ve been thinking, “Hey, if we M8 BEYOND SHELL SCRIPTS: 21ST- (PM) ADMINISTRATOR NEW! had a little more structure, we could get a (AM) CENTURY AUTOMATION TOOLS AND Adam Moskowitz, Upromise, Inc. lot more accomplished,” this tutorial is for TECHNIQUES NEW! Who should attend: System administra- you. Æleen Frisch, Exponential Consulting tors of all levels of experience, as well as Who should attend: System administra- managers of system administrators. tors who want to explore new ways of Topics include: automating administrative tasks. • Purposes of an interview Topics include: • Basic questions to bear in mind • Cfengine • Preparatory questions • Expect: Automating interactive processes • How to interview someone who knows more than you do • Bacula, an enterprise backup management facility • How, as an interviewee, to turn a bad question into a better one REGISTER BY NOVEMBER 10 AND SAVE! • 7 TRAINING PROGRAM TUESDAY, DECEMBER 5

FULL DAY 9:00 A.M.–5:00 P.M.

T1 SOLARIS 10 PERFORMANCE, T3 SEVEN HABITS OF THE HIGHLY T4 MANAGING SAMBA 3.0 OBSERVABILITY, & DEBUGGING EFFECTIVE SYSTEM ADMINISTRATOR: Gerald Carter, Centeris HINTS, TRICKS, TECHNIQUES, & James Mauro and Richard McDougall, Who should attend: System administra- TOOLS OF THE TRADE Sun Microsystems tors who are currently managing Samba Who should attend: Anyone who Mike Ciavarella, University of Melbourne, servers or are planning to deploy new supports or may support Solaris 10 and Lee Damon, University of Washington servers this year. machines. An overview of the tools and Who should attend: Junior system Topics include: utilities will be followed by a drill-down on administrators with anywhere from little to • Providing basic file and print services applying them to resolve performance 3+ years of experience in computer sys- • Centrally managing printer drivers for issues and pathological behavior. tem administration. Windows clients Topics include: Topics include: • Cofiguring Samba’s support for Access • Solaris 10 features overview • Why your computers should all agree on Control Lists and the Microsoft Distrib- • Solaris 10 tools and utilities what time it is uted File System • Understanding memory use and perfor- • Why root passwords should not be the • Making use of Samba VFS modules for mance same on every computer features such as virus scanning and a network recycle bin • Understanding thread execution flow and • Why backing up every filesystem on profiling every computer is not always a good • Integrating with Windows NT 4.0 and Active Directory authentication services • Understanding I/O flow and performance idea • Implementing a Samba primary domain • Looking at network traffic and perfor- • Policies: where you want them and controller along with Samba backup mance where you might want to avoid them domain controllers • Application and kernel interaction • Ethical issues • Migrating from a Windows NT 4.0 • Putting it all together • Growth and success as a solo-sysadmin as well as in small, medium, and large domain to a Samba domain T2 BUILDING A LOGGING INFRASTRUC- teams • Utilizing account storage alternatives to TURE AND LOG ANALYSIS FOR • Training, mentoring, and personal growth smbpasswd such as LDAP SECURITY planning T5 INTRODUCTION TO VMWARE ESX Abe Singer, San Diego Supercomputer • Site planning, budgeting, and logistics SERVER • Books that can help you and your users Center John Gannon and John Arrasjid, VMware Who should attend: System, network, Who should attend: System administra- and security administrators who want to Continuing Education Units tors and architects who are interested in be able to separate the wheat of warning (CEUs) deploying VMware ESX Server in a pro- information from the chaff of normal activ- USENIX provides Continuing Educa- duction environment. No prior experience ity in their log files. tion Units for a small additional admin- with VMware products is required. Knowl- Topics include: istrative fee. The CEU is a nationally edge of Linux is helpful; basic knowledge • Problems, issues, and scale of handling recognized standard unit of measure of SANs is useful but not required. log information for continuing education and training Topics include: and is used by thousands of organi- • Generating useful log information: • Virtual infrastructure overview improving the quality of your logs zations. • ESX Server overview • Collecting log information Each full-day tutorial qualifies for 0.6 • Installation and configuration • Storing log information CEUs. You can request CEU credit by • Virtual Machine (VM) creation and opera- • Log analysis completing the CEU section on the tion • How to handle and preserve log files for registration form. USENIX provides a • Operations and administration best prac- HR and legal folks certificate for each attendee taking a tices tutorial for CEU credit and maintains • Advanced configuration (SAN and net- Please see transcripts for all CEU students. working) www.usenix.org/lisa06/training CEUs are not the same as college credits. Consult your employer or for full tutorial descriptions. school to determine their applicability.

8 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 Please see www.usenix.org/lisa06/training for full tutorial descriptions.

HALF DAY MORNING: 9:00 A.M.–12:30 P.M. AFTERNOON: 1:30 P.M.–5:00 P.M.

T6 HITCHHIKER’S GUIDE TO EMAIL T8 OVER THE EDGE SYSTEM ADMINI- T11 NEXT GENERATION STORAGE (AM) SENDER AUTHENTICATION NEW! (AM) STRATION, VOL. 1 (PM) NETWORKING Murray Kucherawy, Sendmail, Inc. David N. Blank-Edelman, Northeastern Jacob Farmer, Cambridge Computer Who should attend: System administra- University Who should attend: Sysadmins running tors familiar with email concepts who Who should attend: Old-timers who day-to-day operations and those who set want to get their feet wet in the emerging think they’ve already seen it all, and those or enforce budgets. area of email sender authentication. who want to develop inventive thinking Topics include: Topics include: early in their career. • Basics of storage virtualization • Why sender authentication is necessary Topics include: • Shortcomings of SAN and NAS • Why not PGP or S/MIME? • New purposes for network transports • Virtualization architectures • Simple client checks • How to increase user satisfaction during • The latest storage interfaces • Path-based methods downtimes with 6 lines of Perl • Content-Addressable Storage (CAS) • Crypto-based methods • How to improve your network services • Information Life Cycle Management • Best common practices by throwing away data • Hierarchical Storage Management • Reputation: RBLs, Vipul’s Razor • How to drive annoying Web-only apps • The convergence of SAN and NAS without lifting a finger • High-performance file sharing T7 DISK-TO-DISK BACKUP AND • How to use ordinary objects, such as • Parallel file systems Silly Putty, to make your life easier (AM) ELIMINATING BACKUP SYSTEM • SAN-enabled file systems BOTTLENECKS T9 FIREWALLS AND INTERNET • Wide-area file systems (WAFS) Jacob Farmer, Cambridge Computer (AM) SECURITY FOR MAC OS X NEW! T12 OVER THE EDGE SYSTEM ADMINI- Who should attend: System administra- Rik Farrow, Security Consultant (PM) STRATION, VOL. 2 tors involved in the design and manage- NEW! Who should attend: Mac OS X users ment of backup systems and policymak- David N. Blank-Edelman, Northeastern and administrators; security wonks. ers responsible for protecting their organi- University zation’s data. Some familiarity with server Topics include: Who should attend: Old-timers who and storage hardware is assumed. • Configuring ipfw using the GUI think they’ve already seen it all, and those • IP as it applies to firewalls and Internet Topics include: who want to develop inventive thinking. security • Identifying and eliminating backup sys- Topics include: • Using ipfw firewalls tem bottlenecks • How to benefit from side effects • Mac OS X IP protocols • Conventional disk staging • Arts and crafts for sysadmins • Using ipfw to control network access to • Virtual tape libraries your Mac OS X systems • Web apps as sysadmin tools • Removable disk media • How to perform SQL queries on your • Incremental forever and synthetic full T10 WRITING FILTERS USING “MILTER” network equipment backup strategies (PM) NEW! • How to use even more ordinary objects • Block- and object-level incremental Murray Kucherawy, Sendmail, Inc. to make your life easier backups • Information lifecycle management and Who should attend: Sysadmins and T13 ENTERPRISE WIRELESS NETWORK nearline archiving developers familiar with email concepts (PM) SETUP NEW! • Data replication who want to write applications to plug Rudi van Drunen, Leiden Pathology and • CDP (Continuous Data Protection) into the sendmail MTA to monitor and Cytology Labs, Leiden, The Netherlands control the flow and content of email. • Snapshots Who should attend: Network profession- • Current and future tape drives Topics include: als and sysadmins deploying wireless net- • Capacity Optimization (Single-Instance • Phases of SMTP works in an enterprise setting. File Systems) • The callbacks milter offers Topics include: • Minimizing or eliminating tape drives • How threads are used in milter • Making a radio plan • iSCSI • Writing a basic filter with the milter API • Selecting and placing access points • Registering the filter with Sendmail • Determining your cabling needs • Handling failures • Designing the authentication/authoriza- • Related known limitations tion infrastructure • Examples of applications • Setting up hardware and software 9 TRAINING PROGRAM WEDNESDAY, DECEMBER 6

FULL DAY 9:00 A.M.–5:00 P.M. HALF DAY A.M.: 9:00 A.M.–12:30 P.M. P.M.: 1:30 P.M.–5:00 P.M.

W1 RESOURCE MANAGEMENT WITH W3 ADVANCED SHELL PROGRAMMING W6 SECURITY WITHOUT FIREWALLS SOLARIS CONTAINERS NEW! (AM) Mike Ciavarella, University of Melbourne (PM) Abe Singer, San Diego Supercomputer Jeff Victor, Sun Microsystems Who should attend: Junior or intermedi- Center Who should attend: Sysadmins who ate system administrators or anyone with Who should attend: Administrators who want to improve resource utilization of a basic knowledge of programming. want or need to explore strong, low-cost, their Solaris (SPARC, x64, x86) systems. Topics include: scalable security without firewalls. Topics include: • Common mistakes and unsafe practices Topics include: • What are resources, and why would you • Modular shell script programming • The threat perspective from a data-cen- want to manage them? • Building blocks: awk, sed, etc. tric point of view • Projects and Tasks • Writing secure shell scripts • How to implement and maintain central- • Resource Controls • Performance tuning ized configuration management • Dynamic Resource Pools, including • Choosing the right utilities for the job • Secure configuration and management of processor sets • Addressing portability at the design stage core network services • Physical Memory management with • When not to use shell scripts • Good system administration practices Resource Capping and Memory Sets • Implementing strong authentication • Network bandwidth management with W4 INTERNET SECURITY FOR UNIX • A sound patching strategy IPQoS (AM) SYSTEM ADMINISTRATORS NEW! • How we recovered, and what we • Schedulers Ed DeHart, aspStation, Inc. learned, from last year’s compromise • Application isolation with Zones Who should attend: UNIX sysadmins W7 SETTING UP A DATA CENTER (OR W2 IMPLEMENTING [OPEN]LDAP and operations/support staff. (PM) DATA CLOSET) NEW! DIRECTORIES Topics include: Ed DeHart, aspStation, Inc. Gerald Carter, Centeris • Latest information on security problems Who should attend: Sysadmins in Who should attend: Both LDAP directo- • UNIX system security charge of multiple servers who are inter- ry administrators and architects. • Security policies ested in learning more about how to build n a server environment. Topics include: W5 HACKING PERL NEW! • Replacing NIS domains (AM) David N. Blank-Edelman, Northeastern Topics include: • Integration with Samba file and print University • Wiring best practices servers • Ethernet: Switches, ConServers, etc. Who should attend: Anyone who has • Integrating MTAs such as Sendmail and • Remote access and control ever had a nagging feeling that there Postfix • Active and standby power might be ways to make hacking Perl easi- • Creating address books for mail clients • Cooling and ventilation er and more efficient. • Managing user access to HTTP and FTP • Budget realities services Topics include: • Integrating with DHCP and DNS servers • The best development environments for W8 PROBLEM-SOLVING FOR IT • Scripting with the Net::LDAP Perl module Perl (editors, IDEs, etc.) (PM) PROFESSIONALS NEW! • Defining custom attributes and object • How to find code that already does what Strata Rose Chalup, Project Management classes you need (and the potential hazards of Consultant using that code) Who should attend: • Tools that can help make coding Perl IT support people easier who would like to have a better grasp of • Ways to make debugging Perl code (your problem-solving as a discipline. Please see own or someone else’s) easier What this class will do for you: www.usenix.org/lisa06/training • Coding techniques that lead to less • Give you a solid grounding in the process debugging for complete training program info. of solving problems • Provide a framework on which to build troubleshooting techniques that are specific to your environment • Build your confidence in your ability to apply logic to debug problems

10 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 TRAINING PROGRAM THURSDAY, DECEMBER 7

FULL DAYS 9:00 A.M.–5:00 P.M. HALF DAY A.M.: 9:00 A.M.–12:30 P.M. P.M.: 1:30 P.M.–5:00 P.M.

R1 SOLARIS 10 SECURITY FEATURES R3 TIME MANAGEMENT: GETTING IT ALL R6 BLUEPRINTS FOR HIGH AVAILABILITY WORKSHOP (AM) DONE AND NOT GOING (MORE) (PM) Evan Marcus, Aardvark Technologies, Ltd CRAZY! Peter Baer Galvin, Corporate Technolo- Who should attend: System administra- gies, and Marc Staveley, Soma Networks Tom Limoncelli, Google tors and data center managers, develop- Who should attend: Solaris systems Who should attend: Sysadmins who ers, IT managers. managers and administrators interested in want to improve their time-management Topics include: the new security features in Solaris 10 or skills, who want to have more control over • The relationship between cost and avail- overlooked features in older releases. their time and better follow-through on ability Topics include: assignments. • Our list of 20 key high availability design • N1 Grid Containers (a.k.a. Zones) (lab) Topics include: principles • RBAC (lab) • Why typical “time management” books • How you can get started down the path • Privileges (lab) don’t work for sysadmins toward high availability without spending boatloads of money • NFSv4 • How to delegate tasks effectively • Simple and practical tools you can use • Flash archives and live upgrade • A way to keep from ever forgetting a right away • Moving from NIS to LDAP user’s request • DTrace • Why “to do” lists fail and how to make R7 HOT SWAP FILE/PRINT SERVICES them work • FTP client and server enhancements (PM) FROM WINDOWS TO SAMBA NEW! • PAM enhancements • Prioritizing tasks so that users think you’re a genius Gerald Carter, Centeris • Auditing enhancements • Getting more out of your Palm Pilot Who should attend: Administrators who • BSM • Having more time for fun (for people with are interested in transparently replacing • Service Management Facility (lab) a social life) Windows file/print servers with Samba • Solaris Cryptographic Framework • How to leave the office every day with a running on UNIX/Linux servers. • Smartcard interfaces and APIs smile on your face • Kerberos enhancements Topics include: • Packet filtering R4 PRACTICAL PROJECT MANAGEMENT • Understanding Samba’s use of POSIX • BART (AM) FOR SYSADMINS AND IT PROFES- Access Control Lists and Extended SIONALS Attributes R2 LINUX SYSTEM ADMINISTRATION • Maintaining Windows ACLs while moving Strata Rose Chalup, Project Management Joshua Jensen, Cisco Systems Inc. files and directories Consultant • Migrating printer queues, drivers, and Who should attend: Sysadmins who Who should attend: System administra- settings plan to implement Linux in a production tors who want to stay hands-on as team • Migrating users and groups from an NT4 environment. leads or system architects and need a domain controller Topics include (with an emphasis on new set of skills with which to tackle big- R8 HIGHER-ORDER PERL NEW! security): ger, more complex challenges. (PM) Chip Salzenberg, Cloudmark • Installation issues Topics include: Who should attend: Programmers • Boot loaders and system startup • Quick basics of project management involved in the development and mainte- • Disk partitioning and LVM • Skill sets nance of large systems written partly or • Software RAID • Problem areas mostly in Perl. • The RPM package system • Project management tools • Networking Topics include: • User management R5 REGULAR EXPRESSION MASTERY • Dynamically replacing functions with • Automated system installation (AM) Chip Salzenberg, Cloudmark facades • Network-based authentication Who should attend: System administra- • Iterators • User accounts and management tors and users who use Perl, grep, sed, • Building complex parsers—easily! • Network services and xinetd awk, procmail, vi, or emacs. • SSH: port tunneling, keys, tricks Topics include: • New developments • Inside the regex engine • Disasters and optimizations

FULL DAY 9:00 A.M.–5:00 P.M. HALF DAY A.M.: 9:00 A.M.–12:30 P.M.

F1 NETWORK SECURITY MONITORING F3 DISASTER PLANNING (AND F5 PERL PROGRAM REPAIR SHOP AND WITH OPEN SOURCE TOOLS (AM) RECOVERY): HOW TO KEEP YOUR (AM) RED FLAGS Richard Bejtlich, TaoSecurity COMPANY (AND YOUR JOB) ALIVE Chip Salzenberg, Cloudmark Who should attend: Anyone who wants Evan Marcus, Aardvark Technologies, Ltd. Who should attend: Anyone who writes to know what is happening on their net- Who should attend: Sysadmins and Perl programs regularly. Participants work. Anyone with duties involving intru- managers who want to know what they should have at least three months’ experi- sion detection, security analysis, incident need to plan for, and how to carry out the ence programming in Perl. response, or network forensics. plan if disaster ever strikes. Topics may include: Topics include: Topics include: • Families of variables • NSM theory • What a DR plan should contain • Making relationships explicit • Building and deploying NSM sensors • Four methods for testing your plan • Refactoring • Accessing wired and wireless trafﬁc • Downtime and data loss • Programming by convention • Full content tools: Tcpdump, Ethereal/ • Methods and technologies for protecting • Conciseness Tethereal, Snort as packet logger data through a disaster • Why you should avoid the “.” operator • Additional data analysis tools: Tcpreplay, • How a disaster may affect the people • Elimination of global variables Tcpﬂow, Ngrep, Netdude responsible for recovery • Superstition • Session data tools: Cisco NetFlow, • Case study of a company that survived • The “use strict” zombies Fprobe, Flow-tools, Argus, SANCP 9/11 • Repressed subconscious urges • Statistical data tools: Ipcad, Trafshow, F4 WIDE AREA STORAGE NETWORKING: • The cardinal rule of computer program- Tcpdstat, Cisco accounting records ming (AM) SERVER CONSOLIDATION AND DATA • Sguil (sguil.sf.net) • The psychology of repeated code PROTECTION OVER THE WAN NEW! • Case studies, personal war stories, and • What can go wrong with “if” and “else” attendee participation Michael Cucchi, Cambridge Computer • The Condition That Ate Michigan F2 WI-FI, WIMAX, RFID, UWB, ZIGBEE, Who should attend: Sysadmins, IT • Trying it both ways BLUETOOTH, ET AL. FOR DUMMIES managers, and enterprise architects who • Structural vs. functional code are concerned with disaster recovery, . . . AND YOU NEW! • Boolean values data protection, server consolidation, and Don Bailey, Computer Security Engineer • Programs that take two steps forward resource sharing over a WAN. and one step back Who should attend: IT professionals Topics include: • Programs that are 10% backslashes involved or interested in anything wireless, • Remote site backup techniques • Unnecessary shell calls particularly those interested in catching • Continuous Data Protection (CDP) • How (and why) to let “undef” be the spe- up on recently developed wireless tech- • Storage encryption cial value nologies. • Capacity optimized storage devices and • Confusion of internal and external repre- Topics include: WAN accelerators sentations of data • The 802.11 family and where it stands • Host-based vs. SAN-based vs. fabric- • Tool use today based replication • Learning to use a hammer • Bluetooth device attractions and security • Filesystem vs. volume-level vs. applica- • The “swswsw” problem distractions, and the future of Bluetooth tion-level replication • Avoiding special cases • RFID basics and how to lock yourself out • Application fail-over • Using uniform data representations of your apartment • The impact of latency on storage-inten- • Ultra-Wideband and how it will put A/V sive applications pros out of business • Compensating for WAN latencies • What Zigbee is and why it has a silly • WAN accelerators There are no Friday afternoon name • Wide Area File Services (WAFS) half day tutorials. • Cellular data advances such as EVDO, • Email server consolidation GPRS/EDGE/HSPDA . . . 30 Mbps? • Satellite offerings and how bandwidth might get worse

12 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 TRAINING INSTRUCTORS

Daniel L. Appelman Don Bailey David N. Blank-Edelman M7 F2 T8, T12, W5 Daniel L. Appelman is a Don Bailey is a D.C.-area David N. Blank-Edelman is lawyer in the Silicon Valley computer security engineer the Director of Technology office of a major interna- with nearly seven years of at the Northeastern Univer- tional law firm. He has professional experience in sity College of Computer been practicing in the the computer security and Information Science areas of cyberspace and industry. He holds a B.S. in and the author of the software law for many years. He was the computer science from James Madison Uni- O’Reilly book Perl for System Administration. lawyer for Berkeley Software Design in the versity. He has performed numerous vulnera- He has spent the past 20+ years as a sys- BSDi/UNIX System Laboratories (AT&T) case. bility assessments and penetration tests, as tem/network administrator in large multi-plat- Dan is the attorney for the USENIX Associa- well as exploit and virus evaluation, and has form environments, including Brandeis Uni- tion and for many tech companies. He is also developed new secure laboratory technolo- versity, Cambridge Technology Group, and founding chair of his firm’s Information Tech- gies and architectures to support computer the MIT Media Laboratory. He was the pro- nology practice group, is the former chair of network attack–related experimentation and gram chair of LISA ’05 and is one of the LISA the California Bar’s Standing Committee on training. In recent years, Mr. Bailey has tested ’06 Invited Talks co-chairs. Cyberspace Law, and is a current member of and evaluated a wide range of commercial Gerald Carter the California Bar Business Law Section’s and consumer wireless technology. His war- S9, S12, M9, T4, W2, R7 Executive Committee, the Computer Law driving setup and wireless adventures have Gerald Carter has been a Association, and the American Bar Associa- been covered by NBC, NPR, the Washington member of the Samba tion’s Cyberspace Committee. Times, and the Baltimore Sun. Commonly Development Team since referred to as “Beetle,” Mr. Bailey has pre- John Arrasjid 1998. He has been devel- sented on the topic of wireless security at a T5 oping, writing about, and variety of security/hacker conferences. John Arrasjid has 20 years teaching on open source of experience in the com- Richard Bejtlich since the late 1990s. Currently employed by puter science field. His S2, M2, F1 Centeris as a Samba and open source devel- experience includes work Richard Bejtlich is founder oper, Gerald has written books for SAMS with companies such as of TaoSecurity LLC (http:// Publishing and for O’Reilly Publishing. AT&T, Amdahl, 3Dfx Inter- www.taosecurity.com), a Strata Rose Chalup active, Kubota Graphics, Roxio, and his own company that helps clients M13, W8, R4 company, WebNexus Communications, detect, contain, and reme- Strata Rose Chalup (M13, where he developed consulting practices and diate intrusions using net- W8, R4) began as a fledg- built a cross-platform IT team. John is cur- work security monitoring (NSM) principles. ling sysadmin in 1983 and rently a senior member of the VMware Profes- Richard was previously a principal consultant has been leading and sional Services Organization as a Consulting at Foundstone, performing incident response, managing complex IT proj- Architect. John has developed a number of emergency NSM, and security research and ects for many years, serv- PSO engagements, including Performance, training. He has created NSM operations for ing in roles ranging from Project Manager to Security, and Disaster Recovery and Backup. ManTech International Corporation and Ball Director of Network Operations. She has writ- Aerospace & Technologies Corporation. From ten a number of articles on management and 1998 to 2001, Richard defended global working with teams and has applied her man- American information assets in the Air Force agement skills on various volunteer boards, Computer Emergency Response Team including BayLISA and SAGE. Strata has a (AFCERT), performing and supervising the keen interest in network information systems real-time intrusion detection mission. Richard and new publishing technologies and built a Please see wrote the Tao of Network Security Monitoring: successful consulting practice around being Beyond Intrusion Detection and the forthcom- www.usenix.org/lisa06/training an avid early adopter of new tools, starting ing Extrusion Detection: Security Monitoring for complete training program info. with ncsa_httpd and C-based CGI libraries in for Internal Intrusions and Real Digital Foren- 1993 and moving on to wikis, RSS readers, sics. He also wrote original material for Hack- and blogging. Another MIT dropout, Strata ing Exposed, 4th Ed., Incident Response, 2nd founded VirtualNet Consulting in 1993. Ed., and Sys Admin magazine.

Tom Christiansen Lee Damon Jacob Farmer S6 M3, T3 T7, T11 Tom Christiansen has been Lee Damon has a B.S. in Jacob Farmer is a well- involved with Perl since Speech Communication known ﬁgure in the data day zero of its initial public from Oregon State Univer- storage industry. He has release in 1987. Author of sity. He has been a UNIX authored numerous papers several books on Perl, system administrator since and articles and is a regu- including The Perl Cook- 1985 and has been active lar speaker at trade shows book and Programming Perl from O’Reilly, in SAGE since its inception. He assisted in and conferences. In addition to his regular Tom is also a major contributor to Perl’s online developing a mixed AIX/SunOS environment expert advice column in the “Reader I/O” sec- documentation. He holds undergraduate at IBM Watson Research and has developed tion of InfoStor Magazine, the leading trade degrees in computer science and Spanish mixed environments for Gulfstream Aero- magazine of the data storage industry, Jacob and a Master’s in computer science. He now space and QUALCOMM. He is currently lead- also serves as the publication’s senior techni- lives in Boulder, Colorado. ing the development effort for the Nikola proj- cal advisor. Jacob has over 18 years of expe- Mike Ciavarella ect at the University of Washington Electrical rience with storage technologies and is the M10, T3, W3 Engineering department. Among other pro- CTO of Cambridge Computer Services, a fessional activities, he is a charter member of national integrator of data storage and data Mike Ciavarella has been LOPSA and SAGE, and past chair of the protection solutions. producing and editing SAGE Ethics and Policies working groups, technical documentation Rik Farrow and he was the chair of LISA ’04. since the early 1980s. He S5, T9 has been a technical editor Ed DeHart Rik Farrow provides UNIX for MacMillan Press and W4, W7 and Internet security con- has been teaching system administrators Ed DeHart is a former sulting and training. He has about documentation for the past eight years. member of the CERT been working with UNIX Mike has an Honours Degree in Science from Coordination Center, which system security since 1984 the University of Melbourne. After a number of he helped found in 1988. and with TCP/IP networks years working as Senior Partner and head of The CERT was formed by since 1988. He has taught at the IRS, Depart- the Security Practice for Cybersource Pty Ltd, the Defense Advanced ment of Justice, NSA, NASA, U.S. West, Mike returned to his alma mater, the Universi- Research Projects Agency (DARPA) to serve Canadian RCMP, Swedish Navy, and for ty of Melbourne. He now divides his time as a focal point for the computer security many U.S. and European user groups. He is between teaching software engineering, pro- concerns of Internet users. Ed is currently the the author of UNIX System Security, pub- viding expert testimony in computer security president of aspStation, Inc., a data center for lished by Addison-Wesley in 1991, and Sys- matters, and trying to complete a Doctorate. server co-location. tem Administrator’s Guide to System V (Pren- In his ever-diminishing spare time, Mike is a Rudi van Drunen tice Hall, 1989). Farrow is the editor of ;login:. caffeine addict and photographer. T13 Rik lives with his family in the high desert of northern Arizona and enjoys hiking and Michael Cucchi Rudi van Drunen met UNIX mountain biking when time permits. F4 about 25 years ago at the Michael Cucchi has over University of Groningen Esther Filderman 13 years of IT experience. (NL). Nowadays he is M4 He spent seven of those employed as head of infor- Esther Filderman has been years as a lead mation technology at a working with AFS since its Linux/UNIX/Windows sen- medical lab in Leiden, The Netherlands, infancy at CMU, before it ior system admin and lead where he does UNIX system administration was called AFS, and is system administrator for a major data center and applied research in image analysis and currently Senior Operations for the Federal Department of Transportation. neural networks. He is one of the tech gurus Specialist and AFS admin- Michael did a two-year stint as a solution at Wireless Leiden, the leading wireless com- istrator for the Pittsburgh Supercomputing engineer for Ammasso, where he helped munity in the Netherlands, and he has his Center. She has been working to bring AFS launch the ﬁrst RDMA Ethernet NIC. Mike is own open source consultancy company, Xlex- content to LISA conferences since 1999. She currently a consultant for Cambridge Com- it. He has taught a number of classes and is also coordinating documentation efforts for puter, a national integrator of data protection given invited talks on wireless topics at SANE. the OpenAFS project. and storage networking technologies.

14 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 Early Bird Register by November 10, 2006, and SAVE! Discount www.usenix.org/lisa2006

Æleen Frisch Joshua Jensen Matt Larson S4, M8 R2 M5 *Æleen Frisch has been a Joshua Jensen has Matt Larson works in the system administrator for worked for IBM and Cisco Advanced Products and over 20 years. She cur- Systems, and was Red Research Group of rently looks after a patho- Hat’s first instructor, exam- VeriSign Information Ser- logically heterogeneous iner, and RHCE. He vices as a specialist in network of UNIX and Win- worked with Red Hat for DNS protocol and opera- dows systems. She is the author of several four and a half years, during which he wrote tional issues. He is the co-author of the books, including Essential System Adminis- and maintained large parts of the Red Hat O’Reilly & Associates Nutshell Handbooks tration (now in its 3rd edition). curriculum: Networking Services and Security, DNS on Windows Server 2003, DNS on Win- Peter Baer Galvin System Administration, Apache and Secure dows 2000, and DNS on Windows NT. Matt S1, R1 Web Server Administration, and the Red Hat joined VeriSign in June 2000 from Acme Byte Certified Engineer course and exam. Joshua & Wire, a company he started in 1997 with Peter Baer Galvin is the has been working with Linux since 1996 and co-author Cricket Liu. Prior to Acme Byte & Chief Technologist for Cor- finds himself having come full circle: he Wire, Matt worked for five years at Hewlett- porate Technologies, Inc., recently left IBM to work with Red Hat Linux Packard, first in the Corporate Network Ser- a systems integrator and for Cisco Systems. vices group, where he ran hp.com, one of the VAR, and was the Systems largest corporate domains in the world. He Manager for Brown Univer- Murray Kucherawy later joined HP’s professional services organi- sity’s Computer Science Department. He has T6, T10 zation. written articles for Byte and other magazines. Murray Kucherawy has He wrote the “Pete’s Wicked World” and been actively involved in William LeFebvre “Pete’s Super Systems” columns at email system administra- S7, S10 SunWorld. He is currently contributing editor tion and software develop- William LeFebvre is an for Sys Admin, where he manages the Solaris ment since 1990 and has author, programmer, Corner. Peter is co-author of the Operating been awarded two related teacher, and sysadmin Systems Concepts and Applied Operating patents, with a third pending. He has been expert who has been using Systems Concepts textbooks. As a consult- with Sendmail, Inc., for seven years as a sen- UNIX and Internet tech- ant and trainer, Peter has taught tutorials on ior software engineer. Prior to that he com- nologies since 1983. He security and system administration and has pleted a six-year tour of duty in the Internet wrote a monthly column for UNIX Review and given talks at many conferences and institu- Service Provider industry, and also worked for has taught since 1989 for such organizations tions on such topics as Web services, per- three terms as a staff member in computing as USENIX, the Sun User Group (SUG), MIS formance tuning, and high availability. and information technology at the University Training Institute, IT Forum, and Great Circle John Gannon of Waterloo. He is currently working with the Associates. He has contributed to several T5 IETF to advance the progress of sender widely used UNIX packages, including Wietse authentication issues through the standards Venema’s logdaemon package. He is also the John Gannon (T5) has over process. primary programmer for the popular UNIX util- ten years of experience ity top. William is currently an independent architecting and imple- consultant. He received his bachelor’s degree menting UNIX, Linux, and in 1983 and his master of science degree in Windows infrastructures. 1988, both from Rice University. John has worked in network engineering, operations, and professional services roles with various companies including Sun Microsystems, University of Pennsylvania, Scient Corporation, and FOX Sports. John’s current work at VMware involves delivering server consolidation, disaster recovery, and virtual infrastructure solutions to FORTUNE 500 clients.

Tom Limoncelli Evan Marcus Richard McDougall R3 R6, F3 T1 Tom Limoncelli, author of Evan Marcus founded Richard McDougall, had he O’Reilly’s The Art of Time Aardvark Technologies in lived 100 years ago, would Management for System 1994 as a systems con- have had the hood open Administrators and co- sulting company. Evan and on the first four-stroke author of The Practice of Aardvark have produced internal combustion gaso- System and Network many books, papers (white line-powered vehicle, Administration from Addison-Wesley (second and other colors), and tutorials. Along the exploring new techniques for making edition to be premiered at this conference), way, Evan acquired more than 15 years of improvements. He would be looking for sim- is a system administrator at Google in NYC. experience in UNIX systems, through (among ple ways to solve complex problems and He received the SAGE 2005 Outstanding other things) 8 years at VERITAS Software as helping pioneering owners understand how Achievement award. A sysadmin and network a systems engineer, speaker, and author. He the technology works to get the most from wonk since 1987, he has worked at Cibernet, also spent 5 years at Sun Microsystems, and their new experience. These days, McDougall Dean for America, Lumeta, Bell Labs/Lucent, 2 years at Fusion Systems, where he worked uses technology to satisfy his curiosity. He is AT&T, Mentor Graphics, and Drew University. to bring the first high availability clustering a Distinguished Engineer at Sun Microsys- He is a frequent presenter at LISA confer- software applications for SunOS and Solaris tems, specializing in operating systems tech- ences. to market. He also spent 2 years as a system nology and system performance. He is co- Michael W. Lucas administrator on the equities trading floor of a author of Solaris Internals (Prentice Hall PTR, S11 multinational trading institution. He is the lead 2000) and Resource Management (Sun author of Blueprints for High Availability from Microsystems Press, 1999). Michael W. Lucas John Wiley & Sons and co-author and co-edi- (http://www.blackhelicop- Adam Moskowitz tor of The Resilient Enterprise from VERITAS ters.org/~mwlucas) is a M11 Publications. He is a well-regarded and popu- network engineer whose Adam Moskowitz in his lar speaker on the design of highly available UNIX experience is old roles as IT manager and and disaster resilient systems, and on fixed- enough to drink. He’s senior system administra- content storage archives. worked on networks that span the planet, tor, and on behalf of sever- networks with three people on them, and just James Mauro al of his consulting clients, about everything in between. Lucas is the T1 has interviewed more can- author of several critically acclaimed books, James Mauro is a Senior didates for system administration positions including Absolute BSD, Absolute OpenBSD, Staff Engineer in the Per- than he can remember. By virtue of having Cisco Routers for the Desperate, and PGP & formance and Availability worked for a lot of companies that are no GPG. He has a slew of certifications for Engineering group at Sun longer in business, he has been a candidate assorted security vendor products, as well as Microsystems. Jim’s cur- for almost that many system administration a CISSP. He has spent the past few years rent interests and activities positions. Over the years he’s been asked eliminating the guesswork from network man- are centered on benchmarking Solaris 10 per- good questions, bad questions, and horrible agement and replacing it with fact-based formance, workload analysis, and tool devel- questions, and has seen candidates become troubleshooting. opment. This work includes Sun’s new flummoxed when asked what seemed like Opteron-based systems and multicore per- rather simple questions. All this plus his formance on Sun’s Chip Multithreading (CMT) almost 30 years of experience in the field (not Niagara processor. Jim resides in Green to mention a darned good ratio of interviews Brook, New Jersey, with his wife and two to job offers) have given Adam considerable sons. He spent most of his spare time in the field experience to draw on for this tutorial. past year working on the second edition of When he’s not in an interview, Adam works as Solaris Internals. Jim co-authored the first a system administrator at Upromise, Inc.—but edition of Solaris Internals with Richard only to support his hobby of judging barbe- McDougall and has been writing about Solaris cue contests and to keep food in his puppy’s in various forums for the past eight years. bowl.

16 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 Early Bird Register by November 10, 2006, and SAVE! Discount www.usenix.org/lisa2006

David Rhoades John Sellens Theodore Ts’o M6 S3, M12 S8 *David Rhoades is a princi- John Sellens (S3, M12 ) Theodore Ts’o has been a pal consultant with Maven has been involved in sys- Linux kernel developer Security Consulting, Inc. tem and network adminis- since almost the very Since 1996, he has provid- tration since 1986 and is beginnings of Linux: he ed information protection the author of several relat- implemented POSIX job services for various FOR- ed USENIX papers, a num- control in the 0.10 Linux TUNE 500 customers. His work has taken ber of ;login: articles, and the SAGE Short kernel. He is the maintainer and author of the him across the U.S. and abroad to Europe Topics in System Administration booklet #7, Linux COM serial port driver and the Comtrol and Asia, where he has lectured and consult- System and Network Administration for High- Rocketport driver, and he architected and ed in various areas of information security. er Reliability. He holds an M.Math. in comput- implemented Linux’s tty layer. Outside of the David has a B.S. in computer engineering er science from the University of Waterloo and kernel, he is the maintainer of the e2fsck from the Pennsylvania State University and is a chartered accountant. He is the proprietor filesystem consistency checker. Ted is cur- has taught for the SANS Institute, the MIS of SYONEX, a systems and networks consul- rently employed by IBM Linux Technology Training Institute, and ISACA. tancy. From 1999 to 2004, he was the Gener- Center. Chip Salzenberg al Manager for Certainty Solutions in Toronto. Jeff Victor R5, R8, F5 Prior to joining Certainty, John was the Direc- W1 tor of Network Engineering at UUNET Canada Chip Salzenberg is Princi- Jeff Victor has been using and was a staff member in computing and pal Engineer at Cloudmark, UNIX systems since 1984. information technology at the University of where he fights spam with His two-decade career has Waterloo for 11 years. flair and aplomb. Chip is included software design also chief coder (“pump- Abe Singer and development, network king”) of the Parrot virtual T2, W6 and telecomm administra- machine (http://parrotcode.org,) with which Abe Singer is a Computer tion, and nine years as a Systems Engineer at Chip plans to bring all dynamic languages Security Researcher in the Sun Microsystems. Recently Jeff wrote the together and, in the darkness, dynamically Security Technologies Sun BluePrint “Solaris Containers Technology bind them. Group at the San Diego Architecture Guide” and the “How to Move a Chip is a well-known figure in the Perl and Supercomputer Center. In Container” guide, both available at www.sun free and open source communities, having his operational security .com. He also maintains the Solaris Zones worked on free and open source software for responsibilities, he participates in incident and Containers FAQ at opensolaris.org. Jeff over 20 years, Perl for 18 years, and Linux for response and forensics and in improving the holds a B.S. in Computer Science from Rens- 13 years. Chip was pumpking for Perl release SDSC logging infrastructure. His research is in selaer Polytechnic Institute. 5.4. He created the automated Linux install- pattern analysis of syslog data for data mining. Alf Wachsmann and-test system for VA Linux Systems and He is co-author of of the SAGE booklet Build- M4 ing a Logging Infrastructure and author of a was VA’s Kernel Coordinator. Chip is a peren- Alf Wachsmann is working forthcoming O’Reilly book on log analysis. nial presenter at the O’Reilly Open Source at the Stanford Linear Conference and YAPC (Yet Another Perl Con- Marc Staveley Accelerator Center (SLAC) ference), teaches Perl and C++ commercially, M1, R1 in the Computing Services’ and has been published by O’Reilly and Pren- Marc Staveley works with High-Performance Com- tice Hall on Perl and other topics. Soma Networks, where he puting Group, where he is When away from his keyboard, Chip plays is applying his many years an infrastructure designer and automation with (live) parrots and trains in Krav Maga. of experience with UNIX specialist. He has a doctor’s degree in natural Chip’s journal is at http://pobox.com/~chip/ development and adminis- sciences obtained in Computer Science at journal/. tration in leading their IT the University of Paderborn (Germany). He group. Previously Marc had been an inde- worked as a post-doc in the computing cen- pendent consultant and also held positions at ter of DESY Zeuthen (Germany) before he Sun Microsystems, NCR, Princeton Universi- came to SLAC in 1999. ty, and the University of Waterloo. He is a frequent speaker on the topics of standards- based development, multi-threaded programming, system administration, and performance tuning. REGISTER BY NOVEMBER 10 AND SAVE! • 17 TECHNICAL SESSIONS WEDNESDAY, DECEMBER 6

8:45 A.M.–10:30 A.M. 11:00 A.M.–12:30 P.M.

Opening Remarks, Awards, Keynote REFEREED PAPERS Keynote Address Electronic Mail Hollywood’s Secret War on Your Privilege Messaging: An Authorization Framework over Email Infrastructure NOC Brent ByungHoon Kang, Gautam Singaraju, and Sumeet Jain, University Cory Doctorow, science fiction writer, co- editor of Boing Boing, and former Director of North Carolina at Charlotte of European Affairs for the EFF Securing Electronic Mail on the National Research and Academic Network of Italy The entertainment industry has tried to ban every new technology from the Roberto Cecchini, INFN, Florence; Fulvia Costa, INFN, Padua; Alberto record player to the VCR, but when it comes to the Inter- D’Ambrosio, INFN, Turin; Domenico Diacono, INFN, Bari; Giacomo Fazio, net and the general-purpose PC—the battleground of the INAF, Palermo; Antonio Forte, INFN, Rome; Matteo Genghini, IASF, war on copying—Hollywood has far grimmer plans. Under Bologna; Michele Michelotto, INFN, Padua; Ombretta Pinazza, INFN, a variety of legislative, standards, policy, and treaty negoti- Bologna; Alessandro Spanu, INAF, Palermo; Alfonso Sparano, University ations, the people who brought you Police Academy n–1 of Salerno are working to prohibit open source, make open ports a A Forensic Analysis of a Distributed Two-Stage Web-Based Spam crime, and turn Web 2.0 into AOL 0.9b. You can fight Distribution System this—you can put a stake through its heart. If you don’t, Daniel V. Klein, LoneWolf Systems kiss everything you love about the Internet goodbye. INVITED TALKS I Teaching Problem Solving: You Can and You Should Elizabeth Zwicky, Acuitus Problem solving is the essence of what most system administrators do, but it’s not often taught, and there’s a lot of mystique that says it can’t be taught. In fact, it’s Training and Technical Sessions: a skill, and it can be taught to the same extent that other skills can be taught. The The Perfect Combination most important tool in teaching it is simply a belief that it can be taught; this talk will attempt to convince you, and will provide you with more tools you can use to teach. LISA ’06 is designed to give you the optimum learning INVITED TALKS II experience. To get the most out of LISA ’06, we encourage you to take part in both training and technical Sysadmins, Network Managers, and Wiretap Law sessions. Please note that you cannot take a full day of Alex Muentz, Geek and Corporate Counsel, Cornerstone IT training and a full day of tech sessions on the same day. How does the law affect how you secure your network and the privacy of your Do not despair, though; all is not lost. Take advantage of users? CALEA, the Wiretap Act, the Stored Communications Act, and FISA all Registration Package G, Wednesday/Thursday Half-and- affect how you do your job—how you can protect yourself, your company, and Half Tech and Training: Attend any combination of two your users from lawsuits and prosecution. half-days of training and two half-days of technical THE GURU IS IN sessions on Wednesday and Thursday. To help you UNIX and Microsoft Interoperability make your decisions, the complete training program Joseph Radin, Ricoh Company schedule can be found on pp. 4–12 and the following pages have the entire Technical Sessions schedule laid Joseph Radin is currently working at the Ricoh Company as an Engineering Man- ager. For the past 6 years Joseph has served as a technical advisor to a number out for you. Finally, learn more about Package G and of major FOTRTUNE 500 companies, defining problems and implementing solu- our other discount registration packages on p. 29. tions, many of which involved UNIX-Microsoft interoperability. Mr. Radin has authored four books on UNIX system administration, UnixWare OS, the Mosaic Internet browser, and X Windows.

18 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 See www.usenix.org/lisa06/tech for complete technical program info.

2:00 P.M.–3:30 P.M. 4:00 P.M.–5:30 P.M.

REFEREED PAPERS REFEREED PAPERS Boundaries Security Firewall Analysis with Policy-based Host Classification Administering Trusted Computing on a Linux System: Robert Marmorstein and Phil Kearns, The College of William and Mary Why Would I Turn Trusted Computing On? Secure Mobile Code Execution Service Kylene Hall, Tom Lendacky, Emily Ratliff, and Kent Yoder, IBM Lap-chung Lam, Yang Yu, and Tzi-cker Chiueh, Rether Networks Inc. Centralized Security Policy Support for Virtual Machine System FLAIM: A Multi-level Anonymization Framework for Computer Nguyen Anh Quynh, Keio University and Network Logs A Platform for RFID Security and Privacy Administration Adam Slagell, Kiran Lakkaraju, and Katherine Luo, National Center for Melanie R. Rieback, Georgi N. Gaydadjiev, Bruno Crispo, Rutger F.H. Supercomputing Applications, University of Illinois at Urbana-Champaign Hofman, and Andrew S. Tannenbaum, Vrije Universiteit Amsterdam INVITED TALKS I INVITED TALKS I Site Reliability at Google/My First Year at Google Open Source Software and Its Role in Space Exploration Tom Limoncelli, Google DJ Byrne, Software Engineer, Jet Propulsion Laboratory Tom will speak about what it’s like to be on the team that runs www.google.com’s Open source developers and NASA have a lot in common. Both are dedicated to services and explore some of the technologies that enable Google’s Web services to expanding the pool of information floating freely through society. Both are focused on maintain their high uptime. Google’s “service oriented network” (SON) enables the the cutting edge, creating new tools and capabilities. Open source software explores creation of new products that are scalable and maintainable. Tom will give a sysad- our solar system and observes the universe. For example, software on and around min’s view of Google technologies such as GFS, MapReduce, Sawmill, and more. He Mars today was built with gcc out of a CVS repository stored in AFS, using Kerberos will also describe how to make a policy that is “Googley.” authentication. INVITED TALKS II INVITED TALKS II Leveraging the IT Community Virtualization: The Good, the Bad, the Ugly 4:00 p.m.–4:40 p.m. Patrick McGovern, Chief Community Splunker, Splunk Michael Baum, Splunk Troubleshooting servers can be a daunting task, particularly at 3:00 a.m. Leveraging As virtualization goes mainstream into the IT infrastructure, managers and admins the expertise and knowledge of IT professionals globally to find the solution greatly must contend with the new level of system complexity it introduces into the data reduces the mean-time-to-resolution. This talk is focused on building a new broad center. It’s not possible to virtualize without adding an additional layer of software resource for sysadmins by sysadmins. Starting with the concepts that made the site and hardware to the myriad technologies already deployed within its legacy systems. Wikipedia a great success and tools like grep so universal, this talk will discuss the Baum will discuss the challenges of virtualization and offer troubleshooting tips. challenges of building a large IT community/knowledge base and how to bring IT The New Economics of Virtualization 4:40 p.m.–5:20 p.m. troubleshooting to the next level. Alex Vasilevsky, Founder and CTO, Virtual Iron Software THE GURU IS IN Virtualization holds great promise, but proprietary technologies add cost and com- LDAP plexity. This session looks at how virtualization makes the data center more efficient Howard Chu, Chief Architect, Symas Corp. and flexible while accelerating its initiatives and improving total cost of ownership. We’ll assess the virtualization landscape and discuss strengths and weaknesses of Howard Chu has deep experience with system networking and security technologies. existing and new virtualization solutions. He started working with OpenLDAP in 1998 and has been one of the leading developers on the OpenLDAP core team since 1999. He is currently working on a book on THE GURU IS IN OpenLDAP administration, to be released in spring 2007. Spam Doug Hughes, Global Crossing Please see Doug Hughes takes care of the ISP and relay mail servers for an international www.usenix.org/lisa06/tech telecommunications provider and spends far too much time figuring out how to stop the servers from being overwhelmed with spam. He talked about some of the tech- for complete technical program niques used to do so at LISA ’04’s Spam Mini-Symposium and also last year in a information. Guru session. This will be a practical discussion of what things work, what things don’t, and what things might.

9:00 A.M.–10:30 A.M. 11:00 A.M.–12:30 P.M.

REFEREED PAPERS REFEREED PAPERS Theory Analysis Specification-Enhanced Policies for Automated Management of Towards Customer-friendly Kernel Crash Analysis Changes in IT Systems Archana Ganapathi, Viji Ganapathi, and David Patterson, University of Chetan Shankar, University of Illinois at Urbana-Champaign; Vanish Talwar, California, Berkeley v Subu Iyer, Yuan Chen, and Dejan Milojicic´, Hewlett-Packard Laboratories; SEUS: A Distributed System Environment for Understanding Roy Campbell, University of Illinois at Urbana-Champaign Software Actions Experience Implementing an IP Closure Doo San Sim and V.N. Venkatakrishnan, University of Illinois at Chicago Ning Wu and Alva Couch, Tufts University ResMon: A Tool for Discovering Software Dependencies, Modeling Next Generation Configuration Management Tools Configuration, and Requirements in Windows Mark Burgess, Oslo University College; Alva Couch, Tufts University Rajiv Ramnath, Sufatrio, Roland Yap, and Wu Yongzheng, National Universi- INVITED TALKS I ty of Singapore INVITED TALKS I Everything You Know About Monitoring Is Wrong Mazda A. Marvasti, Integrien Corporation Perfect Data in an Imperfect World Daniel V. Klein, Consultant This talk will propose an alternative approach to managing complex distributed systems. Mazda will explain why inference from key metrics allows real-time under- It is no secret that we are at the dawn of the digital age—our parents have comput- standing of the health of a distributed system in a way that sucking data from a ers, digital cameras, MP3 players, etc. We each have more computing power in our packet-level fire hose does not. He’ll explore the value of a steady stream of out-of- cell phones than the mainframes of 35 years ago, and everywhere we find data normal alerts, question the value of end-to-end service mapping, and explore acquisition and tracking systems. Privacy has never been more zealously guarded whether virtualization is the silver bullet for coping with complexity. nor more freely abandoned. This talk will take a look at what our world is becoming, INVITED TALKS II and perhaps suggest what we can do to make it a little less imperfect. INVITED TALKS II Command and Control: System Administration at U.S. Central Command QA and the System Administrator Andrew Seely, Global Command and Control System Lead, HQUSCENT- Adam Haberlach, Google COM-J6/Northrop Grumman Defense Mission Systems As enterprises grow and more tools and services are provided by the System Admin- This talk will serve as an introduction to the function of military Command and Con- istration Organization, there is a greater need for customer representation and inde- trol (C2) from a systems support perspective. Andy will discuss performing the pendent validation of both internal and external applications. We will share with you sysadmin role in a military environment where systems can have a critical life-or- some of the tools and techniques that we’ve developed in order to guarantee a qual- death function. He will also share examples of scripts and techniques used to solve ity experience and maximize the productivity of our engineers. At the very least, we’ll problems created by the C2 systems environment. Finally, he will offer a glimpse into tell you why they only notice when things don’t work. this unique environment’s special quirks, challenges, and interesting lessons THE GURUS ARE IN learned. How to Get Your Paper Accepted at LISA HIT THE GROUND RUNNING TRACK Tom Limoncelli, Google; Adam Moskowitz, Upromise, Inc. Find out from the experts what you need to know to get started on the following topics: Tom Limoncelli, author of O’Reilly’s The Art of Time Management for System Admin- Identity Management Build a Linux Oracle RAC Cluster istrators and co-author of The Practice of System and Network Administration from Jon Finke, Chris Page, Corporate Technologies, Addison-Wesley (second edition to be premiered at this conference), is a system Rensselaer Polytechnic Institute Inc. administrator at Google. He received the USENIX/SAGE 2005 Outstanding Achieve- AFS NFSv4 ment award. Esther Filderman, Michael Eisler, NetApp Adam Moskowitz, author of the SAGE Short Topics booklet Budgeting for SysAdmins, The OpenAFS Project SNMP is a Senior System Administrator at Upromise, Inc.; he has also been a programmer, Doug Hughes, Global Crossing a manager of system administrators, and a certified barbecue judge. Adam has run the LISA Advanced Topics Workshop for almost 10 years, has served on many pro- For more info about the Hit the Ground Running track, see www.usenix.org/lisa06/htg. gram committees, and has served as LISA Invited Talks (Co-)Chair three times.

20 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 Early Bird Register by November 10, 2006, and SAVE! Discount www.usenix.org/lisa2006

2:00* P.M.–3:30 P.M. 4:00 P.M.–5:30 P.M. REFEREED PAPERS REFEREED PAPERS Systems and Network Management Visualization LiveOps: Systems and Security Management as a Service NAF: The NetSA Aggregated Flow Tool Suite Chad Verbowski, Microsoft Research; Juhan Lee, Microsoft MSN; Yi-Min Brian Trammell, Carnegie Mellon University; Carrie Gates, CA Labs, CA Wang, Microsoft Research Interactive Network Management Visualization with SVG and AJAX Managing Large Networks of Virtual Machines Athanasios Douitsis and Dimitrios Kalogeras, National Technical University of Kyrre Begnum, Oslo University College Athens, Greece Directing Change Using Bcfg2 Bridging the Host-Network Divide: Survey, Taxonomy, and Solution Narayan Desai, Rick Bradshaw, and Cory Lueninghoener, Argonne National Glenn A. Fink and Vyas Duggirala, Virginia Polytechnic Institute and State Laboratory University; Ricardo Correa, University of Pennsylvania; Chris North, Virginia INVITED TALKS I Polytechnic Institute and State University INVITED TALKS I High Availability: From Luxury to Commonplace Necessity in 10 Years The Last, Best Hope: Sysadmins and DBAs as the Last Eric Hennessey, Group Technical Product Manager, Symantec Corp. Guardians of Privacy This session will cover the evolution of high-availability clustering, from server-cen- Danny O’Brien, Activism Co-ordinator, Electronic Frontier Foundation tric active-passive paired systems, through larger and more sophisticated clusters, to Accusations that the NSA has access to 20Tb of commercial phone data. Mooted wide-area clustering. We’ll discuss the technologies that have enabled the evolution plans by the Attorney General to introduce compulsory data retention. Meanwhile, and the current state of clustering technology. We’ll discuss the trend of using clus- Google has all your email, that online quiz site knows your political opinions, and tering as a service management tool, and the evolution to full data center and appli- MySpace knows what your children like for lunch. Danny O’Brien takes a whistle- cation management. stop tour of our privacy laws, the current status of surveillance, and how the best INVITED TALKS II chance of protecting privacy in a digital age might just lie in the BOFH. INVITED TALKS II What Do You Mean, Identity 2.0? Cat Okita, Earthworks Is Entropy Winning? Drowning in the Data Tsunami Identity management means different things to different people—everything from Lee Damon, Sr. Computing Specialist, University of Washington; Evan Mar- passwords through pgp to marketing preferences. What are the essential elements cus, CTO and Founder, Aardvark Technologies, Ltd of the Identity 2.0 movement, and why should a system administrator care about any We’re drowning under a wave of data and are oblivious to it. As data space expands of this in the ﬁrst place? we will start losing track of—and thus losing—our data. Archival backups add com- This talk will discuss the current state of Identity 2.0, starting with a brief survey of plexity to this already confusing situation. Then we toss in security and availability identity management from AAA to the user-centric identity model of Identity 2.0. I issues for some spice. Where is this going, and how can we handle it in the face of will then use Jon Callas’s breakdown of identity management types to categorize millions of gigabytes of “old cruft”? and describe how and why the average system administrator would implement Iden- THE GURU IS IN tity 2.0. Time Management for System Administrators THE GURU IS IN Tom Limoncelli, Google VoIP Tom Limoncelli, author of O’Reilly’s The Art of Time Management for System Admin- Robert Sparks, Estacado Systems istrators and co-author of The Practice of System and Network Administration from Robert Sparks is the VP of Research and Development at Estacado Systems, provid- Addison-Wesley (second edition to be premiered at this conference), is a system ing solutions in real-time IP communications. He is a co-author of the core SIP spec- administrator at Google. He received the USENIX/SAGE 2005 Outstanding Achieve- iﬁcation, RFC3261, and several of its extensions. He is also co-author of the book ment award. SIP Beyond VoIP: The Next Step in the IP Communications Revolution. He co-chairs Please see the IETF’s SIMPLE working group, is currently President and on the board of direc- tors of the SIP Foundry, and is an active contributor to the reSIProcate project. www.usenix.org/lisa06/tech for complete technical program information. REGISTER BY NOVEMBER 10 AND SAVE! • 21 TECHNICAL SESSIONS FRIDAY, DECEMBER 8

9:00 A.M.–10:30 A.M. 11:00 A.M.–12:30 P.M.

NETWORK SECURITY TRACK REFEREED PAPERS Black Ops 2006: Pattern Recognition Potpourri Dan Kaminsky, DoxPara Research The NMI Build & Test Laboratory: Continuous Integration Framework for Distributed Computing Software The “Black Ops” series of talks tend to look for useful functionality in existing sys- Andrew Pavlo, Peter Couvares, Rebekah Gietzel, Anatoly Karp, Ian D. Alder- tems, and this year’s edition is no exception. Topics will include: man, and Miron Livny, University of Wisconsin, Madison; Charles Bacon, • Detecting selective degradation along network paths Argonne National Laboratory • Results from a worldwide SSL scan Unifying Unified Voice Messaging • Cryptomnemonics • A midpoint between dumb fuzzing and smart fuzzing Jon Finke, Rensselaer Polytechnic Institute • Dotplots as a guide for fuzzing Trackle: A Tracking and Training Tool • Visual Bindiff Daniel S. Crosta, Matthew J. Singleton, and Benjamin A. Kuperman, INVITED TALKS II Swarthmore College NETWORK SECURITY TRACK Seriously, Tape-Only Backup Systems Are Dead W. Curtis Preston, Glasshouse Zombies and Botnets: Attacks on Messaging Security by Organized Criminal Enterprises If you’re performing LAN-based backups directly to today’s tape drives, you’re doing nothing but shooting yourself in the foot. The good news is that a number of vendors Dmitri Alperovitch, Research Scientist, CipherTrust Inc. have worked very hard on disk-based solutions that solve all these problems. This Today millions of zombies—innocent home and business computers that have been talk will sift through your options while offering many stories of real people who have taken over by highly organized, interconnected criminal groups—are the biggest IT actually made their backup system faster and more reliable by using one or more threat to organizations and individuals. Dmitri Alperovitch sees firsthand billions of these disk-based options. global messages per month and will provide a view into zombie networks, an analy- THE GURUS ARE IN sis of attacker methods and techniques, an overview of phishing and how phishing attacks propagate, and what organizations can do to protect themselves. Virtualization and the Virtual Infrastructure INVITED TALKS II John Arrasjid, John Gannon, and Andy Knosp, VMware Power-Managed Storage: Longer Data Life and Lower Energy John Arrasjid has 20 years’ experience in the computer science field. He is currently Consumption a senior member of the VMware Professional Services Organization as a Consulting Architect. John has developed a number of service offerings focused on perform- Aloke Guha, COPAN Systems ance management, security, and disaster recovery and backup. With escalating energy costs and growing power consumption, the utility bills at John Gannon has over ten years of experience architecting and implementing UNIX, many enterprise datacenters now exceed hardware acquisition costs. This talk will Linux, and Windows infrastructures. John is currently responsible for delivering serv- discuss the reliability of high-capacity disk storage systems that are being increas- er consolidation, disaster recovery, and virtual infrastructure solutions to VMware’s ingly used to archive persistent data over long time periods. We will cover how long- FORTUNE 500 clients. term data repositories using Massive Array of Idle Disk (MAID) technologies that power-manage drives can reduce the failure rates. Andy Knosp has over ten years of experience in corporate IT and professional servic- HIT THE GROUND RUNNING TRACK es. Andy is currently Director of Professional Services at VMware and manages a team of technical professionals responsible for delivering server consolidation, disas- Find out from the experts what you need to know to get started on the following topics: ter recovery, and virtual infrastructure solutions to VMware’s FORTUNE 500 clients. Bad Interview Questions bcfg2 Adam Moskowitz, Upromise, Inc. Narayan Desai, Argonne National Spam Laboratory John “Rowan” Littell, California Puppet College of the Arts Luke Kanies, Reductive Labs Mac OS X Tom Limoncelli, Google For more info about the Hit the Ground Running track, see www.usenix.org/lisa06/htg. Don’t miss a special lunchtime talk by Alva Couch: see p. 23.

22 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 Early Bird Register by November 10, 2006, and SAVE! Discount www.usenix.org/lisa2006

2:00* P.M.–3:30 P.M. 4:00 P.M.–5:30 P.M. WORK-IN-PROGRESS REPORTS (WIPS) Closing Session A Work-in-Progress Report (WiP) is a very short presentation about work you are Improv for Sysadmins currently undertaking. It is a great way to poll the LISA audience for feedback and Bob Apthorpe, St. Edward’s University; Dan Klein, Consultant interest. We are particularly interested in presentations of student work. To sched- Have you ever seen “Whose Line Is It Anyway?” and marveled at the ule your short report, send email to [email protected] or sign up at LISA ’06. actors? Although it may not be obvious, improvisors and sysadmins have a NETWORK SECURITY TRACK lot in common! We both have to think on our feet, often “winging it,” and both groups actively practice ad hoc problem-solving. Management calls it Corporate Security: A Hacker Perspective “thinking outside of the box,” and we say “welcome to our world.” Mark “Simple Nomad” Loveless, Security Architect, Vernier Networks, Inc. From the outside, good improv looks like a lot of fun (it is!), and good sys- Hackers typically have a flavor of the month when it comes to getting in. This talk tem administration looks easy and fun (why else do we have toys in our will walk you through what hackers are truly looking to achieve—their holy cubes?). Both groups have fun because they both create environments to grail—and what avenues they are currently looking to exploit to find it. The talk bring people together and make good things happen. At its core, improvi- will be frank and to the point, based upon personal interactions and experiences. sation is not about being funny so much as it is about carefully listening, Expect an extremely lively, educational, controversial, and entertaining talk. clearly expressing oneself, and confidently making decisions and taking INVITED TALKS II action. So is system administration. Our goal is to get paid to play. System Administration: Drowning in Management Complexity This session will relate improvisational acting concepts to system adminis- Chad Verbowski, Software Architect, Microsoft Research tration. Improv can show us how our responses to others can be misinter- preted and, more important, how to change that by producing a construc- Yearly increases in the variation, complexity, and volume of systems management tive dialogue. Understanding your audience and their context can make tasks are outpacing our ability to hire qualified administrators to maintain our IT everything move much more smoothly! Other topics will include the role environments. This talk presents a new black-box approach for reducing the com- body language plays in communication, especially in the communication plexity of systems and security management faced by administrators. The goal is of status, and the importance of observation and attention to detail, with to show this as a scalable alternative compared with current signature and declar- an emphasis on “active listening,” saying “yes, and . . . ,” and other obser- ative management approaches. vation/communication techniques. THE GURU IS IN The session concludes with a question-and-answer period and additional Backups improv demonstrations as time permits. We won’t try to be funny, but we W. Curtis Preston, Glasshouse know that you’ll enjoy learning some incredibly valuable improvisational W. Curtis Preston is well known to LISA audiences, having spoken at several LISAs techniques. over the years. He’s been a data protection specialist for 13 years, and is known to his friends as “Mr. Backup.” He’s the author of the O’Reilly books Backup & Recovery and Using SANs and NAS, and has hundreds of articles to his credit as well. LUNCHTIME TALK FRIDAY, 1:00 P.M.–1:45 P.M. The Future of System Administration: How to Stop Please see Worrying and Learn to Love Self-Managing Systems Alva L. Couch, Associate Professor of Computer Science, Tufts www.usenix.org/lisa06/tech University for complete technical program The profession of system administration is currently threatened by information. many forces, including self-managing products, a lack of upward mobility paths, and a growing trend toward outsourcing. I explore how ongoing changes in the systems we manage can drive positive changes in the profession. We must learn to interact with the systems we manage at a very different level than we are currently trained to do.

JOIN YOUR PEERS FOR THREE SCHEDULE AS OF AUGUST 31, 2006 Managing Sysadmins Workshop DAYS OF FOCUSED DISCUSSION For the complete schedule of workshops, Tom Limoncelli, Google; see www.usenix.org/lisa06/workshops. Cat Okita, Independent Consultant • Senior system administrators will want 9:00 a.m.–5:00 p.m. Monday, December 4 to participate in one or more of these all- This one-day workshop, intended for system day workshops. Attendance is limited for Configuration Management Workshop administrators taking on management roles and each workshop, which ensures a semi- Paul Anderson, University of Edinburgh managers of system administrators, provides an nar-like atmosphere. 9:00 a.m.–5:00 p.m. informal roundtable discussion of problems facing managers today. Attendees will take turns • Please note that these workshops are Specifying the required configurations for large introducing issues they are experiencing, and the full-day sessions. Attending a workshop numbers of interconnected machines and auto- group will share their experiences with similar sit- precludes attending training sessions on matically installing those configurations to pro- uations and discuss options and solutions. that day. vide an overall service has been been a impor- Attendees should manage (or act as team lead tant topic since the very early LISA conferences. to) two or more system administrators. The • To attend a workshop, you must be a Automatic tools are essential for anyone who workshop will be facilitated by Cat Okita, inde- registered conference attendee as well wants to manage more than a few machines effi- pendent consultant, and Tom Limoncelli, author ciently and to have confidence in their correct- as an accepted workshop participant. of Time Management for System Administrators ness and security. See the individual descriptions for infor- and co-author of The Practice of System and This workshop follows on from previous years, Network Administration. To attend the workshop, mation on how to apply to attend a work- with the intention of discussing the fundamental send email to [email protected]. shop. Accepted applications will be con- problems of current approaches to system con- firmed by the workshop coordinator. figuration and looking at the requirements and possible solutions for the next generation of con- Tuesday, December 5 • There is an additional fee of $150 to attend figuration languages and tools. This year's work- Advanced Topics Workshop a workshop, payable on-site only; this shop will include a number of sessions targeted fee includes lunch on the day of the work- at automatic validation of configurations. More Adam Moskowitz, Upromise, Inc. shop. See the box below for details about details, together with information on previous 9:00 a.m.–5:00 p.m. how to register. workshops and a mailing list, are available at This workshop, intended for very senior adminis- http://homepages.informatics.ed.ac.uk/group/ trators, provides an informal roundtable discus- lssconf. sion of the problems facing system administra- The workshop will be a mixture of short presen- tors today. Attendance is limited and based on tations and informal discussions; participation is acceptance of a position paper (plain ASCII, welcome, both from those with experience in the three paragraphs maximum); a typical paper field and from those looking for configuration covers what the author thinks is the most difficult solutions. However, active participation will be or important issue facing system administrators expected. For an invitation, send a short email to today, why this is a problem, and why this prob- [email protected]. Please include a lem is important. More information about the brief description of your areas of interest/experi- workshop and about position papers can be ence, and indicate whether you would be pre- found at http://menlo.com/atw06; position pared to make a short presentation. papers should be sent to [email protected]. Attendees are required to bring a laptop computer.

WORKSHOP REGISTRATION IS ON-SITE ONLY REGISTRATION HOURS:

How It Works: When you arrive at LISA ’06, collect your Saturday, December 2, 5:00 p.m.–8:00 p.m. technical sessions registration materials, then Sunday, December 3, 7:30 a.m.–5:00 p.m. proceed to the Workshop Registration Desk. Acceptable forms of payment are Visa, MasterCard, American Monday, December 4, 7:30 a.m.–5:00 p.m. Express, Discover, cash, and check. Tuesday, December 5, 7:30 a.m.–5:00 p.m. Questions? Contact [email protected]. Morning workshop registration lines may be long. Please try to register in the afternoon or evening before your workshop, to ensure that you get to your workshop on time.

24 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 SEE WHAT’S NEW AT THE . . .

VENDOR EXHIBITION

SEE WHAT’S NEW AT THE EXHIBITORS AS OF LISA ’06 VENDOR AUGUST 31, 2006 Make knowledgeable decisions on products and services for EXHIBITION Advanced Computer & Network Corporation your business needs. Exhibitor Wednesday, December 6, Avocent demonstrations save you hours noon–7:00 p.m. Bakbone Software of research and let you quickly Thursday, December 7, BlueArc Corporation compare solutions. 10:00 a.m.–2:00 p.m. *BSD Projects EVERYONE IS WELCOME! Carlo Gavazzi Computer Solutions Cambridge Computer Services, Inc. The exhibition is open to the public. Register for a free pass at EAGLE Software, Inc. LISA ’06 Sponsorship www.usenix.org/lisa06/exhibition. e-DMZ Security & Exhibiting Opportunities Google GroundWork Open Source Solutions, VENDOR EXHIBITION • Get system administrators talking Inc. about your products and services. Lantronix Learn about the latest and greatest • Sell your solutions to a qualiﬁed technologies and tools from industry MRV audience. leaders, provocative startups, and Net Optics • Conduct market research and enlist beta testers. open source projects. The OpenNMS Group, Inc. • Recruit among highly experienced, See demonstrations of innovative prod- PostgreSQL highly educated system adminis- ucts and services that can optimize Raritan trators. your systems, network, and Internet Server Technology • Enhance your visibility among rec- management—and simplify your life. ognized leaders of the system, net- Splunk Get in-depth answers from well- work, and security administration communities. informed company representatives. The Written Word (LISA exhibitors know to send technical See www.usenix.org/lisa06/sponsors for details or contact Cat Allman, people to this event!) USENIX Sales Director: (510) 528- Buy books at discounted prices, and “I got lots of great 8649 x32 or [email protected]. get them signed by the authors. information and learned about some great solutions.”

a LISA attendee

USENIX: THE ADVANCED COMPUTING SYSTEMS ASSOCIATION Since 1975, USENIX has brought together the community of system USENIX & SAGE DUAL SUPPORTING MEMBERS administrators, innovators, engineers, scientists, and technicians work- Ajava Systems, Inc. Splunk ing on the cutting edge of computing. Our mission is to support research and technical training for this dynamic community and our over 5,000 Microsoft Research Taos active members. USENIX created the LISA conference 20 years ago, and Raytheon Tellme Networks it has become the forum for real-world, in-depth system administration training. A USENIX membership offers you all you need to stay ahead of USENIX SUPPORTING MEMBERS the game in the ever-changing world of IT, including a dedicated system administration section of ;login:, the bi-monthly USENIX magazine; the Addison-Wesley Professional/ Intel Prentice Hall Professional sysadmin-focused training and practical information found at LISA, at the Interhack USENIX Annual Technical Conference, and at the USENIX Security Ajava Systems, Inc. Microsoft Research Symposium; and the USENIX Jobs Board. AMD NetApp A complimentary membership in USENIX is part of every non–USENIX- Cambridge Computer Oracle member technical sessions registration. The benefits of this member- Services, Inc. OSDL ship include: EAGLE Software, Inc. Raytheon • Free subscription to ;login:, the highly regarded bi-monthly mag- Electronic Frontier Foundation azine of USENIX, both in print and online Ripe NCC Eli Research • Online access to all conference Proceedings from 1993 to the Sendmail, Inc. present GroundWork Open Source Splunk • Discounts on technical registration fees for all USENIX- Solutions sponsored and co-sponsored events, including LISA Hewlett-Packard Sun Microsystems, Inc. • Discounts on purchasing printed Proceedings, CD-ROMs, and IBM Taos other Association publications Infosys Tellme Networks • Discounts on industry-related publications such as Sys Admin, UUNET Technologies, Inc. Linux Journal, and O’Reilly and No Starch Press books • The right to vote in USENIX Association elections SAGE SUPPORTING MEMBERS

SAGE: A USENIX SPECIAL INTEREST GROUP FOR SYSADMINS Ajava Systems, Inc. MSB Associates SAGE is the USENIX SIG for sysadmins. Created by and for sysadmins, FOTO SEARCH Stock Raytheon SAGE focuses on evolving best practices and technology. We’re proud Footage and Stock Splunk to offer our members access to information on the latest tools, trends, Photography Taos and training in the field. Microsoft Research Tellme Networks To that end, we are constantly creating new programs. In the fall the new SAGE Web site will debut, including the SAGE Programs Blog, LISA ’06 SPONSORS AS OF AUGUST 31, 2006 enhanced Jobs and Speakers areas, an updated Bookshelf, and SysAdmin Toolbox 1.0. Visit the membership booth at LISA and find out Cambridge Computer Microsoft Research about the latest developments. Services, Inc. Splunk A complimentary membership in SAGE is part of every non–SAGE-mem- Google ber technical sessions registration. The benefits of membership include: LISA ’06 MEDIA SPONSORS • Discount on registration for LISA, the annual Large Installation System Administration Conference ACM Queue Linux Journal • The latest Short Topics in System Administration booklet for Addision-Wesley Professional/ Linux Pro Magazine every member and access to the Short Topics online library— Prentice Hall Professional 14 volumes and growing! No Starch Press • The option to join sage-members, an electronic mailing list Dr. Dobb’s Journal OSTG for peer discussion and advice, and access to the sage-mem- GRIDtoday SNIA bers list archives HPCwire • Immediate access to the results of the SAGE Salary Survey StorageNetworking.org IDG World Expo • Access to job postings, including real-time email notification Sys Admin of new jobs posted and the abillity to post resumes IEEE Security and Privacy UserFriendly.org • Discounts on publications such as Sys Admin magazine ITtoolbox

26 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 ACTIVITIES/SERVICES/INFO FOR STUDENTS

ACTIVITIES SPECIAL CONFERENCE SERVICES To enhance your LISA conference experience, attendee events are planned throughout the week. Attend the very popular Birds-of-a- Bring Your Laptop! Feather sessions (BoFs). Mingle with your peers and technological luminaries during the receptions. USENIX is pleased to offer Internet connectivity at LISA ’06 via an open, unsecured 802.11b Wi-Fi network. Those not wishing to use wireless can See the LISA ’06 Web site, www.usenix.org/lisa2006, for the latest plug in and charge up in the Terminal Room. No laptop? No problem. The additions to the activities schedule. Terminal Room will offer a few *NIX terminals with a Web browser and your Welcome Get-Together favorite shell. See http://www.usenix.org/termroom for more information. Saturday, December 2, 6:00 p.m.–8:00 p.m. The wired and wireless networks provided by USENIX at this conference are for the use of conference attendees only, subject to the following Start the conference out right: mingle with your fellow attendees conditions: over drinks and snacks at the Welcome Get-Together. • USENIX may monitor these networks. Conference Orientation • Any illicit or intrusive use of the network, including packet sniffing, Saturday, December 2, 8:00 p.m.–9:00 p.m. is expressly forbidden. Whether this is your first time at LISA or your twentieth, stop by the • The wireless network is open and insecure. USENIX strongly Conference Orientation to learn how to get the most out of the con- recommends that all users encrypt their transmissions. Users are ference. The orientation includes an overview of Washington, D.C., solely responsible for the security of their passwords and data. an introduction to LISA, and an opportunity to meet your peers. If you have any questions or concerns about the use of these networks, Exhibition Reception please contact any USENIX staff or Board member immediately. Wednesday, December 6, 5:30 p.m.–6:30 p.m. Conference Proceedings Join us at the Vendor Exhibition for snacks and drinks, and take the Those registered for the technical sessions will receive a complimentary opportunity to learn about the latest products and technologies. copy of the Proceedings, either in print or on CD-ROM. Additional copies Conference Reception of the Proceedings and the CD-ROM will be available for purchase at the conference. Thursday, December 7, 6:00 p.m.–8:00 p.m. Join us at the Conference Reception for beer, wine, snacks, and an added opportunity to network with your colleagues, get your questions answered, and chat about the conference. STUDENT DISCOUNTS & GRANTS Birds-of-a-Feather Sessions (BoFs) Monday, December 4, 7:00 p.m.–11:00 p.m. Training Tuesday, December 5, 7:00 p.m.–11:00 p.m. A limited number of tutorial seats are reserved for full-time students at the Wednesday, December 6, 7:00 p.m.–11:00 p.m. very special rate of $200 for one full-day tutorial (if you plan to take half-day Thursday, December 7, 8:00 p.m.–11:00 p.m. tutorials, you must take both half-days to qualify for the student rate). You must email the Conference Department, [email protected], to confirm Lead or attend a BoF! Meet with your peers! Present new work! availability and make a reservation. In your email, please specify which tuto- Don’t miss these special activities designed to maximize the value rials you wish to attend. You will be given a code number to use when you of your time at the conference. The always popular evening Birds- register. The Conference Department must receive your registration form, of-a-Feather sessions are very informal gatherings of persons inter- with the code number, full payment, and a photocopy of your current stu- ested in a particular topic. BoFs may be scheduled during the con- dent I.D. card, within 14 days from the date you make your reservation, or ference at the registration desk or in advance by sending email to your reservation will be canceled. This special fee is nontransferable. [email protected]. Want to demonstrate a new product or discuss your company’s lat- Technical Sessions est technologies with LISA attendees? Host a Vendor BoF! Email Full-time students may attend technical sessions for only $110 per day. Stu- [email protected] for more information. dents who are not members of USENIX: $40 will be added to your technical Work-in-Progress Reports (WiPs) sessions fee. Students who are not members of SAGE: $25 will be added Friday, December 8, 2:00 p.m.–3:30 p.m. to your technical sessions fee. You must fax a copy of your current student I.D. card to the USENIX Conference Dept. when you register. This special Short, pithy, and fun, Work-in-Progress reports introduce interesting fee is not transferable. new or ongoing work. If you have work you would like to share or a cool idea that’s not quite ready for publication, send a one- or two- Student Grants for Conference Attendance paragraph summary to [email protected]. We are particularly A limited number of student grants are available to pay for travel, accommo- interested in presenting students’ work. A schedule of presenta- dations, and registration fees to enable full-time students to attend the con- tions will be posted at the conference, and the speakers will be ference. To apply for a grant, see www.usenix.org/students/grant.html. notified in advance. Work-in-Progress reports are five-minute pre- Sorry, faxes will not be accepted for student grant applications. sentations; the time limit will be strictly enforced. REGISTER BY NOVEMBER 10 AND SAVE! • 27 Photos courtesy of the Washington, DC Convention & Tourism Corporation (WCTC) HOTEL & TRAVEL INFORMATION

WASHINGTON, D.C.

Wardman Park Marriott Hotel AIRPORTS & GROUND TRANSPORTATION The hotel is located near three major airports: Reagan National 2660 Woodley Road, NW Airport (DCA) is located 9 miles from the hotel; Dulles Interna- Washington, D.C. 20008 tional Airport (IAD) is 25 miles away; and Baltimore Washington Telephone: (202) 328-2000 International is 33 miles away. All three airports offer taxi service Toll-free: (800) 228-9290 (ranging from $18 to $60 one-way), Super Shuttle service (ranging from $12 to $30 one-way; call 1-800-BLUEVAN), and public Hotel Reservation Discount Deadline: transportation options (see www.wmata.com). The hotel is Friday, November 10, 2006 located one block from the Woodley Park-Zoo/Adam’s Morgan USENIX has negotiated special rates for conference attendees Red Line Metro Station. Self-parking is available at the hotel for at the Wardman Park Marriott Hotel. Please make your reserva- $11 per hour or $23 daily. Valet parking is available for $28 daily. tion as soon as possible by contacting the hotel directly. You See www.usenix.org/lisa06/hotel for more information. must mention USENIX or LISA to get the special group rate. TRAVELING TO LISA ’06 FROM OUTSIDE THE U.S.A.? See detailed advice from the National Academies about visiting Special Attendee Room Rates: the United States at www7.nationalacademies.org/visas/ $185 single, $205 double, $225 triple, and $245 quad, plus tax Traveling_to_US.html. (currently 14.5%) ABOUT WASHINGTON, D.C. Note: When the rooms in the USENIX block are sold out, USENIX and SAGE are pleased to bring LISA to Washington, requests will be handled on a space-available basis at the D.C., and the Wardman Park Marriott Hotel. The nation’s capital hotel’s standard rate. Make your reservations early! offers a lively cultural scene, a wide array of restaurants to suit Why should you stay in the headquarters hotel? every taste and budget, and myriad museums and monuments. We encourage you to stay in the conference hotel and when There are many attractions that will be of interest to LISA atten- making your reservation to identify yourself as a USENIX confer- dees, from the National Air and Space Museum to the Interna- ence attendee. tional Spy Museum. See www.washington.org for more information about Washington, D.C. It is by contracting rooms for our attendees that we can signifi- cantly reduce hotel charges for meeting room rental. When the sleeping rooms are not utilized, we face significant financial penalties. As a result, these penalties ultimately force us to raise registration fees. Questions? We recognize, however, that not everyone can afford to stay in USENIX Conference Department the conference hotel, so we always try to book venues that have 2560 Ninth Street, Suite 215 some low-cost alternatives available near the conference. Berkeley, CA 94710 USA With costs going higher and higher, we are working very hard to Phone: (510) 528-8649 negotiate the very best hotel rates and keep other conference Fax: (510) 548-5738 expenses down in order to keep registration fees as low as pos- Email: [email protected] sible. We appreciate your help in this endeavor.

28 • REGISTER TODAY: WWW.USENIX.ORG/LISA2006 REGISTRATION INFORMATION & FEES

Register or make a reservation on the Web today at REGISTRATION FEES http://www.usenix.org/lisa06/registration. USENIX and SAGE are pleased to offer Early Bird Registration Discounts Pay today with a credit card, or make a reservation online and then pay of up to $300 to those who register for LISA ’06 by November 10, 2006. by check, phone, or fax. Have the best of both worlds: the convenience After November 10, registration fees increase. of online registration without the hassle of hand-written forms, and the Daily Rates Before After ability to pay as you want, when you want! Nov. 10 Nov. 10 Early Bird Registration Deadline: November 10, 2006 1 day of technical sessions $270 $320 TRAINING PROGRAM REGISTRATION 1 day of training $625 $675 1 half-day of training; second half-day only $300 $325 $375 Every LISA ’06 training program registration includes: • Admission to the tutorials you select SAVE! Choose One of Our Special Before After • Lunch on the day of your tutorials Discount Packages Nov.10 Nov.10 • Training program CD-ROM, including all available A. 3 Days of Technical Sessions SAVE $100! $710 $860 tutorial presentations and materials B. 2 Days of Training SAVE $50! $1200 $1300 • Printed tutorial materials for your courses SAVE $100! • Admission to the Vendor Exhibition C. 3 Days of Training $1775 $1925 • Admission to the Conference Reception D. 4 Days of Training SAVE $200! $2300 $2500 • Admission to the evening activities on the days for E. 5 Days of Training SAVE $300! $2825 $3075 which you’re registered F. 6 Days of Training SAVE $600! $3150 $3450 • Conference t-shirt G. Wednesday/Thursday Half-and-Half $895 $995 • Wireless connectivity in conference session area Tech and Training* • One-year subscription to Sys Admin magazine (a $39 value)* *Attend any combination of two half-days of training and two half-days of TECHNICAL SESSIONS REGISTRATION technical sessions on Wednesday and Thursday. For maximum savings, combine Package A with Package B or C. Every LISA ’06 technical sessions registration includes: If you are a member of USENIX but not of SAGE, $40 will be added to • Admission to all technical sessions on the days of your choice your technical sessions fees. • Copy of the Conference Proceedings (in print or on CD-ROM) If you are a member of SAGE but not of USENIX, $115 will be added your • Admission to the Vendor Exhibition technical sessions fees. • Admission to the Conference Reception If you are not a member of USENIX, SAGE, EurOpen.SE, NUUG, or SAGE-AU, $155 will be added to your technical sessions fees. • Admission to the evening activities on the days for which you’re registered Optional Costs Continuing Education Units (CEUs): $15 per training day • Conference t-shirt Workshop Fees • Wireless connectivity in conference session area $150 per day, payable on-site only. See p. 24 details. • One-year subscription to Sys Admin magazine (a $39 value)* Registration Fees for Full-Time Students *Offer open only to U.S. residents. This is not an additional expense, and sub- USENIX and SAGE offer full-time students special low registration fees for traction from conference prices listed is not permissible. LISA ’06 that are available at any time. See p. 27 for details. Multiple Employee Discount Daily Rates for Full-Time Students We offer discounts for organizations sending 5 or more employees to LISA ’06. Please email [email protected] for more details. 1 day of technical sessions $110 The group discount cannot be used in conjunction with any other dis- 1 day of training $200 counts, and it cannot be applied retroactively—that is, refunds will not be A limited number of tutorial seats are reserved for full-time stu- issued to those meeting the discount requirement after they have already dents at this very special rate. Students must reserve their tutorial registered. seats before registering. If you plan to take half-day tutorials, you must take both half-days to qualify for the student rate. Please Read: This is not a registration form. Please use our online form Students who are not members of USENIX: $40 will be added to your to register or make a reservation. If you choose to make a reservation and technical sessions fee. Students who are not members of SAGE: $25 will pay later by check or credit card, you will receive a printable summary of be added to your technical sessions fee. your session selections, the cost breakdown, and the total amount due. If you are paying by check or phone, submit a copy of this summary along with your payment or have it with you when you call. Tutorial bookings Refund/cancellation date: Wednesday, November 22, 2006 cannot be conﬁrmed until payment has been received. Purchase orders, All refund requests must be emailed to [email protected] by Wednes- vouchers, and telephone reservations cannot be accepted. day, November 22, 2006. You may substitute another in your place.

REGISTER BY NOVEMBER 10 AND SAVE! • 29 THANKS TO OUR SPONSORS Cambridge Computer Services, Inc. LISA ‘06 offers the most Google in-depth, real-worlds Microsoft Research system administration Splunk training available THANKS TO OUR MEDIA SPONSORS ACM Queue IDG World Expo OSTG Addision-Wesley Professional/ IEEE Security and Privacy SNIA Prentice Hall Professional ITtoolbox StorageNetworking.org Dr. Dobb’s Journal Linux Journal Sys Admin GRIDtoday Linux Pro Magazine UserFriendly.org HPCwire No Starch Press

20TH LARGE INSTALLATION SYSTEM ADMINISTRATION CONFERENCE DECEMBER 3–8, 2006 | WASHINGTON, D.C.

NON–PROFIT ORGANIZATION US POSTAGE USENIX ASSOCIATION P AID 2560 Ninth Street, Suite 215 Berkeley, CA 94710 PERMIT #110 510.528.8649 HOPKINS, MN 510.548.5738 fax